WordPress GDPR plugins

12 Best WordPress GDPR Plugins for Compliance (Free & Paid)

Are you looking for the best WordPress GDPR plugins? It’s important that your website stores personal data legally, so you’ll want to check every plugin you install.

In this article, we’ll look at some of the best GDPR plugins for your site. These plugins help you to get consent and manage personal data in WordPress.

Create Your WordPress GDPR Form Now

Is WordPress GDPR Compliant?

Yes, WordPress is GDPR compliant out of the box. But some plugins for WordPress aren’t GDPR compliant yet. That’s why it’s so important to check each one individually.

You need to use GDPR compliant plugins if your website gets visitors from the European Union or the United Kingdom. Their personal data is protected by law, even if you (or your website) are located somewhere else.

Under the GDPR, personal data could mean things like:

WPForms is the best WordPress Form Builder plugin. Get it for free!
  • Data the visitor types in, like their email address or phone number
  • Data that could be automatically collected, like a cookie that keeps track of their IP address.

This doesn’t mean website owners can’t collect user information. But you’ll need to get explicit consent.

Now we understand a bit more about WordPress GDPR compliance, let’s move on and look at the best WordPress GDPR plugins.

The Best WordPress GDPR Plugins

We’re going to look at the best GDPR plugins for WordPress and walk through the most important features.

Some of these plugins will help you to set up your site correctly as a ‘data processor’. Others help you meet GDPR requirements by giving you control over the way data is stored.

  1. WPForms
  2. MonsterInsights
  3. OptinMonster
  4. Instagram Feed Pro
  5. Shared Counts
  6. Cookiebot
  7. Cookie Notice
  8. Delete Me
  9. WP AutoTerms
  10. WP Activity Log
  11. Iubenda
  12. Complianz

Let’s start by looking at contact form compliance.

1. WPForms

WPForms is the best online form builder. It has excellent GDPR features to help your forms stay compliant with the GDPR.

GDPR enhancements are available in the free and paid versions of WPForms.

WPForms pricing

When you turn on the enhancements, you’ll see a new GDPR agreement field in the form builder. You can easily drag the field onto any contact form to make sure you get consent for your visitors.

This feature is available in the paid version of WPForms and the free version, WPForms Lite. Other free form builder plugins don’t have any GDPR fields at all. Get more info in our review of WPForms Lite vs Contact Form 7.

Drag GDPR form field onto WordPress form

In the paid version of WPForms, you get extra GDPR features as well.

Some addons use cookies to track users. This is essential for some functionality. But if you don’t use those features, you can turn off cookies completely.

And that’s not all! In WPForms Pro, you can turn off tracking of visitor user-agent and IP addresses too.

GDPR agreement form settings in WPForms

Finally, if you want to completely remove the risk of a data breach, you can also disable form entry storage in the paid version. That way, none of your form submissions will be saved in your WordPress database.

Features:

Pricing: WPForms Lite is 100% free forever. The paid version of WPForms is priced from $79/yr.

2. MonsterInsights

MonsterInsights is the best Google Analytics plugin for WordPress. It lets you easily see how your site is performing. You can also create analytics reports in the WordPress dashboard that are easy to understand.

MonsterInsights WordPress link tracking and analytics plugin

MonsterInsights lets you easily anonymize IP addresses for Google Analytics in the free and paid version. There’s also an EU Compliance Addon that quickly disables tracking features and reports in Google Ads.

One really neat feature is that MonsterInsights automatically integrates with other WordPress GDPR plugins.

For example, it works with Cookiebot and Cookie Notice plugins that we also cover in this article. So if you have those installed, MonsterInsights will automatically for the user to give consent before it loads its analytics scripts.

Features:

  • Anonymize IP addresses
  • Geolocation features
  • Disable remarketing and ad reporting
  • Disable user ID and author tracking
  • Make custom opt-out links
  • Integrates with cookie plugins
  • AMP compatible
  • CCPA compliant
  • Compatible with Google’s opt-out analytics cookie

Pricing: There’s a free version of MonsterInsights. The paid version is priced from $199/year.

Want more details before you buy? Check out our MonsterInsights review.

3. OptinMonster

OptinMonster is the best lead generation plugin. It lets you easily create popups, banners, and other campaigns that you can add to your website.

OptinMonster homepage

With OptinMonster, you can easily add double optins to your lead generation popups. Double optins ask for confirmation from the visitor so you can be sure they’ve given consent. If you prefer, you can add a GDPR consent checkbox to your optin forms instead.

Are you worried about not getting leads because of GDPR? You can use the automatic geolocation feature to only show GDPR fields to visitors from the United Kingdom and European Union. That way, people from other countries don’t have to use them.

Here’s another good thing to know about OptinMonster. If you get a data request from a customer, OptinMonster has an Audit Concierge team. They’ll help you to locate and supply the data you’ve collected.

Features:

  • Easy privacy policy links
  • Privacy optin checkbox
  • Double optin support
  • Visitor geolocation
  • Audit concierge service

See our OptinMonster review for a full list of features.

Pricing: There’s a free version of OptinMonster. Paid plans start at $14/month.

4. Instagram Feed Pro

Want to display Instagram feeds in WordPress? You need the Instagram Feed Pro plugin by Smash Balloon.

Smash Balloon Instagram Feed Pro

Instagram Feed Pro is the best Instagram plugin for WordPress. It lets you display Instagram photos on your site, and make custom hashtag feeds.

To keep your site GDPR compliant, Instagram Feed Pro won’t load anything from the Instagram CDN until your visitor gives consent. This feature is compatible with some of the cookie plugins we covered in this article, including Complianz and Cookiebot.

Features:

  • Caches and optimizes Instagram images
  • Responsive layout
  • Visual moderation
  • Supports hashtag feeds
  • Can display local images without cookie consent

Pricing: There’s a free version of Instagram Feed. Paid plans start at $98/year.

5. Shared Counts

Shared Counts lets you easily add social media sharing buttons anywhere on your website. The plugin tracks the number of clicks your sharing buttons get and displays the total on your posts and pages.

Shared Counts GDPR compliant WordPress plugin

Unlike many sharing plugins, Shared Counts doesn’t track your users. That’s why we think it’s an essential addition to our list of WordPress GDPR plugins.

Shared Counts also has its own caching system so it won’t slow down your site.

You can easily customize the way your sharing buttons look. The plugin is super customizable and has awesome developer documentation if you want to adapt it yourself.

Features:

  • Easy social sharing buttons
  • Counts shares for each site
  • Multiple style options
  • No cookies or tracking code
  • Full documentation

Pricing: Free.

6. Cookiebot

The ePrivacy cookie law is strict about cookies that collect personal data or track behavior. Cookiebot is a WordPress GDPR plugin that gets consent for cookies in different categories.

Cookiebot WordPress GDPR plugin

Under the General Data Protection Regulation, user consent for cookies must be ‘freely given, specific, and informed’. That’s why Cookiebot lets your visitor choose if they want to turn some off while leaving others active.

The plugin also automatically scans your site to see which cookies are in use and then updates your cookie declaration.

You can whitelist essential cookies that your website needs to function. And you can also hide the cookie consent options depending on your visitor’s location.

Features:

  • Geolocation
  • Cookie declaration generator
  • Cookie whitelisting
  • Customizable cookie bar
  • CCPA compliant
  • WCAG 2.0 compliant
  • Do Not Track compliant
  • Encrypted consent log
  • Multi-domain support
  • WPML ready
  • Google Consent Mode ready

Pricing: Cookiebot is free for 1 website with up to 100 pages. The paid version starts at $10/month.

7. Cookie Notice

Cookie Notice is a GDPR cookie consent plugin that displays a cookie optin bar on your website. It makes it easy for your visitors to see more information about the cookies you use so that they can give explicit consent.

WordPress Cookie Notice GDPR plugin

This plugin is neat because it integrates with the default WordPress Privacy Policy page. You can decide if the cookie consent bar should disappear when the page scrolls, or when the visitor clicks somewhere on the page.

Cookie Notice also lets you control the layout and style of the buttons and links. That way, you can easily make it match the rest of your WordPress site.

Features:

  • Customizable cookie notification message
  • Bar or modal popup
  • Link to your Privacy Policy
  • Option to decline cookies
  • Customization of colors and layouts
  • CCPA compliant
  • Translation ready

Pricing: Free.

8. Delete Me

The General Data Protection Regulation talks about the ‘right to be deleted’, or the ‘right to erasure’. That means that citizens of the EU and UK have a right to have all of their data wiped.

In WordPress, site owners have a tool to easily delete user data if they get a ‘right to be forgotten’ request. The Delete Me plugin expands on that by letting your users delete their own data themselves.

Delete Me WordPress GDPR plugin

Delete Me adds a button to the profile page in WordPress that will delete all the data for that user. You can also add a shortcode to any page or post on your site. Users can only delete their own accounts and not someone else’s.

As the site owner, you can choose if the user can delete their WordPress comments. If you turn this off, they’ll only be able to delete posts and links.

Delete Me is handy for community sites. You can easily give people control so you’re compliant with the ‘right to erasure’. The plugin doesn’t store any info about your users.

Features:

  • 1 click self-delete posts, comments, and links
  • Restrict usage by role
  • Multisite compatible
  • Network Activation compatible
  • Admin email notifications

Pricing: Free.

9. WP AutoTerms

Do you need to create legal pages, like privacy policies or terms of use? WP AutoTerms lets you quickly generate legal pages for your WordPress website.

WP AutoTerms GDPR plugin for WordPress

You can easily build legal pages for different purposes in the plugin. Then, you can customize them with your own custom CSS, fonts, and background colors. WP AutoTerms automatically links to all of your policies in the WordPress footer.

If you need to update a policy, the plugin can show your visitors an alert so that they can check the changes easily.

Features:

  • Compliance kits for GDPR, CCPA, and more
  • Automatic footer links
  • Update announcement bars
  • Disclose paid endorsements
  • Show or hide policies for logged-in users
  • Create custom legal pages

Pricing: The free version lets you create a simple privacy policy. The premium version costs from $39 one-time fee and lets you create policies with GDPR or CCPA wording.

10. WP Activity Log

As a site owner, you have to make sure that personal data is secure. It’s one of the terms in the General Data Protection Regulation.

That’s why we like WP Activity Log. It helps to keep you compliant by tracking what logged-in users are accessing or editing. You can even track changes to eCommerce products, so it’s a great WordPress security plugin.

WP Activity Log GDPR WordPress plugin

Many WordPress GDPR plugins don’t log data access. That’s why WP Activity Log can help you stay compliant. If there is a data breach, you can look through the log to see exactly what happened.

The log keeps a timestamp and records the IP address that accessed the data. This can help you easily tell whether the breach was accidental or malicious.

Features:

  • Logs changes to posts, tags, comments, and more
  • Tracks WooCommerce activity
  • Logs all activity from logged-in users
  • Optionally logs logged-out users
  • Logs hack attempts
  • Tracks plugin and theme updates
  • Tracks database changes

Pricing: There’s a free version on WordPress.org. The paid version lets you see real-time activity and create email notifications.

11. Iubenda WordPress GDPR Plugin

Iubenda combines the GDPR and ePrivacy (cookie law) in an ‘all in one’ plugin. It lets you track consent on different parts of your website, including the comment forms underneath your blog posts.

Iubenda WordPress GDPR plugin

The plugin automatically keeps records of user consent so you can easily keep track of who opted in and when. It also automatically tracks the legal policies on your website when the visitor consented.

Iubenda can record different types of consent for the same user. That means you’ll have a complete audit log of GDPR consent on your site.

The features and pricing are a little tricky to understand. On a basic level, the Pro version supports multiple sites and more complicated policies. Ultra also lets you create a terms and conditions document.

Features:

  • User optins for different cookie types
  • Cookie banner
  • Blocks cookies before consent
  • Script detection
  • Consent management
  • Offline consent tracking
  • Geodetection
  • CCPA and CalOPPA ready

Pricing: There’s a free version of Iubenda that lets you create basic policies on 1 website. Paid versions of Iubenda are priced from $29/year.

12. Complianz

If you want to be compliant in as many countries as possible, Complianz might be a good fit for your site.

This plugin combines consent banners and compliance for many countries. Also, it can automatically detect your visitors’ location so that they see the right legal document.

Complianz GDPR WordPress plugin

Complianz also has an automatic cookie scan that can detect the other plugins on your site. You can generate your own policy with a wizard.

The plugin is ready for the GDPR framework as well as a ton of other privacy laws and policies for different countries. It supports both EU GDPR (DSVGO) and UK GDPR, giving you a lot of options in a single plugin.

Features:

  • Geolocation
  • Customizable templates
  • Cookie policy wizard
  • WordPress blocks
  • ‘Data minimization’ compliant
  • Support for PECR, CCPA, COPPA, PIPEDA, and more
  • Supports Do Not Sell (DNSMPI) and Do Not Track

Pricing: The free version includes basic tools and settings. The paid version’s priced from $45/year.

And that’s it! Now you know the best  GDPR WordPress plugins. Quick disclaimer: plugins alone can’t guarantee that your website is GDPR compliant. Please get legal counsel if you aren’t sure which ones to use.

Create Your WordPress GDPR Form Now

Next Step: Create GDPR Compliant Forms

Great! You have all the GDPR WordPress plugins you need. Next, you’ll want to add a GDPR agreement to your forms.

WPForms makes it easy to add a GDPR agreement checkbox to any form on your website. You can easily customize the agreement wording and appearance.

And if you need to get consent for your work, check out our article on making a model release form for some ideas on how to publish your waivers online.

Ready to build your form? Get started today with the easiest WordPress form builder plugin. WPForms Pro includes GDPR features and offers a 14-day money-back guarantee.

If this article helped you out, please follow us on Facebook and Twitter for more free WordPress tutorials and guides.

Using WordPress and want to get WPForms for free?

Enter the URL to your WordPress website to install.

Add a Comment

We're glad you have chosen to leave a comment. Please keep in mind that all comments are moderated according to our privacy policy, and all links are nofollow. Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.

This form is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.