Have you ever heard that WordPress usually sets certain cookies automatically, and plugins may do the same?
If not, then it’s time to clarify this with a WordPress cookie plugin. Because if you don’t do that, you’ll face frightening penalties due to the GDPR. Which extensions there are for it, I show you here.
WordPress cookie plugins are an essential part of any European website that needs to comply with the GDPR. They automatically detect the services and plugins used and ask the visitor for consent. Only after this consent, cookies may be stored and data transferred.
The best WordPress cookie plugin
Borlabs Cookie Plugin
Includes many clever features, can be customized as easily as pie, and is quick to add as a WordPress plugin. Plus, it’s priced very fairly in direct comparison with the competition. The cookie banner almost becomes a minor issue with monthly scans for cookies, statistics, analytics, and much more.
Real Cookie Banner
Particularly a simple WordPress plugin from Germany to add a GDPR cookie banner. The extension has countless templates and content blockers to load YouTube embeds only after confirmation, for example. The ideal solution if you don’t want to worry about the issue unnecessarily.
Extensive WordPress Cookie Plugin available as Free and Pro versions. With a few clicks, you have created your GDPR Banner within WordPress and customized it to your site. If that’s not enough, there are many more advanced features waiting for you to use on your WordPress website. Additionally, translated into all major languages.
Use a handy WordPress cookie banner plugin now to protect yourself against violations regarding the GDPR. Such violations can be costly and therefore problematic for any kind of website. If you want to prevent possible lawsuits, you can choose the appropriate consent plugin for WordPress here and inform your users about the storage of cookies according to the guidelines.
1. Real Cookie Banner
With the Real Cookie Banner Plugin for WordPress you not only get wonderful assistance for your WordPress blog regarding the GDPR, but also a plugin that was developed in Germany.
With such a sensitive topic as the GDPR, a European development location is always an advantage in my opinion. You can expect 150+ templates for different services and 120+ content blocker templates. The Content Blocker prevents iFrames and scripts from being loaded before your users have actively agreed to them. A good example is YouTube videos, which would otherwise immediately connect to Google as an embed.
Thanks to the scanner and the additional customization options, you can also design the cookie banner so that it fits ideally with your WordPress website and no longer looks like a foreign body. According to the regulation, you also have to prove when users consent in case of doubt. This is also ensured by the Real Cookie Banner plugin for WordPress.
- Great setup wizard
- Plugin comes from a German developer
- Anyone who already uses another service can request a voucher to get Real Cookie Banner for the first year for a token euro
- Clean documentation of all consents made
- Very customizable, while being very easy to use
- Extensive and cleanly programmed
- None known
Truendo also sees itself as a complete solution regarding GDPR and data protection. The platform offers a corresponding WordPress plugin, which simply integrates the cookie banner into your website. There is, among other things, a monthly scan for new cookies, Insights, as a kind of statistics and analysis, the Color Scheme Generator, which adjusts the notice accordingly, an Auto Blocker for anything that violates privacy, Geo-Control, accessibility, and much more.
Truendo is very serious and basically thinks of everything when it comes to cookie banners and privacy.
Moreover, the pricing model here is particularly appealing. The Essentials version is “Free forever” as they say, while the Premium variant costs 99 Euros a year.
- Easily customizable cookie banner
- If you wish, the Auto Blocker can block everything that violates your privacy
- Monthly scan for new problematic cookies
- Extremely many and practical additional functions
- Perfectly suited for agencies and freelancers
- None known
3. Borlabs Cookie Plugin
The Borlabs Cookie Plugin for WordPress was one of the first back then and is still very popular today. Here, an appropriate cookie banner is integrated into your WordPress blog, which you may customize within the settings as you wish. Care has been taken to ensure that Borlabs works smoothly with various other plugins, including caching. After all, the WordPress cookie plugin must still work when a page is cached.
The settings are self-explanatory here because, for each menu item, there is a corresponding explanation. The content blocker also automatically takes care of a two-click solution for YouTube and other embeds.
Borlabs Cookie is definitely recommended.
- Plugin has been developed and maintained for a long time
- The integrated content blocker takes care of embeds from YouTube and other third parties
- All settings are always explained in detail
- Many functions also require many settings
- There is no free trial version
4. Complianz | GDPR/CCPA Cookie Consent
The software also provides change detection and automatic updates for regulatory changes, alerts for privacy violations, and automatic deletion of data at the request of the data subject. Complianz also provides options to block cookies that track user information and anonymously transmit IP addresses to protect user anonymity.
The Complianz wizard was almost too extensive for me. It asks many questions that the layman may not have the answer to. Those who prefer many options are certainly happy with Complianz. However, I prefer a simpler solution, like I get with Truendo.
Complianz Free vs Pro
Other Pro Features:
- Targeting multiple regions with GEO-IP and displaying the necessary type of cookie banner depending on the region
- TCF2.0 integration
- Consent saving
- Google Consent Mode
- Data requests
- Data leak reports
- Complianz automates the process of creating, updating and publishing privacy policies, cookie policies and consent forms
- The WordPress cookie plugin offers custom templates
- Legal changes are detected automatically
- None known
CookieYes can be used to display a simple and effective notice regarding cookies. This is used to reject or accept cookies. How the notice looks, can be customized relatively freely, as with almost all cookie banner plugins for WordPress.
Thanks to the cookie audit, you can also see which cookies your website currently sets, so that you can include them in the table accordingly. The WordPress cookie plugin itself comes from an experienced developer but is not a European solution.
What the difference between DSGVO and GDPR is and whether there is one at all, I explain to you at the bottom of the magazine part of this post again in more detail.
- Quickly installed and set up
- Not a typical European solution
- Few to no additional features
Cookiebot is again a cloud-based service. How GDPR-compliant it is is another story. To display the cookie banner, a connection to Cookiebot.com is established. The advantages in terms of legal security are of course given, but a cloud service does not usually make things easier. Thus, you have to register with Cookiebot first in order to enter your ID within the WordPress plugin afterward.
The Cookie Banner itself then allows users to disable certain cookies and leave others active. For example, for settings, marketing, and statistics. I find the Cookiebot plugin a bit complicated and not too nicely solved, to be honest. There are now better offers, which I will also present to you here.
- Individual cookie groups can be accepted or rejected
- Unnecessarily complicated settings
7. Cookie Notice & Compliance for GDPR / CCPA
Simple, practical, and fast. This is indeed true for the Cookie Notice & Compliance plugin for WordPress. It adds a very rudimentary cookie banner to your blog and lets you set a few basic settings for just that.
If you want more later, you can connect the plugin to the service’s Cookie Compliance ID and extend the plugin’s features accordingly. Among other things, with an auto-blocker and various country-specific adjustments. Of course, the whole thing is then only available for paying customers.
- Quick and easy cookie banner
- Easily expandable with the cloud service
- Cloud service from the USA really in the sense of the DSGVO?
- Who wants more functions besides the banner, must pay
As a consent management platform, Usercentrics is very powerful and extensive, which is why it could be worthwhile, especially for larger providers. Some German stores and portals use the software. The whole thing comes in several languages, can be edited in a team, and is really a complete solution for consent management. The prices reflect the professional claim because it starts at about 50 US dollars and then depend individually on the respective requirements of the platform on which it is used.
- An extremely comprehensive tool for consent management
- Work with several people in a team (access rights) possible
- A complete solution that is also suitable for large websites
- Rather not suitable for small blogs.
9. DSGVO Pixelmate
The WordPress GDPR plugin from Pixelmate promises that you can create a correct cookie banner for WordPress even as an absolute layman and with just a few clicks. For this, the extension offers various GDPR-compliant integration options for common scripts, just like an intelligent data control. If a user rejects cookies, this first blocks all scripts on your website. So, you are on the safe side, should you have overlooked something manually.
Otherwise, the cookie banner can be completely customized to your website. The settings are all in the menu, so you don’t need to know CSS or HTML. Instead, you choose the position for the banner, and the colors and adjust the font size and other details accordingly. It’s all very simple and a one-time purchase, so no subscription or update fees.
Update: GA4 is now supported by Pixelmate.
- Very easy to use and customize
- Fair pricing model as a one-time purchase and depending on the number of websites
- Intelligent data control prevents you from accidentally loading a script and unintentionally violating the GDPR
- Developed as a kind of joint venture between a lawyer and a developer
- Slow updates
10. Cookie Information
How the cookie hints look can be extensively personalized, so it will always fit your site perfectly. A corresponding WordPress plugin is of course also available, even if the service itself is a cloud service. The whole thing is designed to be very comprehensive and largely automated. You pay per domain, and the extended tariff is really only necessary if you need the corresponding functions and monitoring.
The 10 US dollars per website are otherwise very fair, in my opinion.
- Extremely comprehensive consent management service
- With 42 languages usable for almost any type of website
- You can choose the frequency of the cookie scanner
- Extensive design customization of the cookie banner is possible
- Scanning and monitoring at the highest level
- None known
iubenda is a web-based application that enables website owners and businesses to automatically create and adapt their privacy policies, cookie policies, and consent forms to changing laws. iubenda’s services are easy to use and offer custom templates and handy tools to facilitate the privacy compliance process.
The services can be offered in multiple languages and also provide advanced features such as customer and website data management.
While it is a SaaS service that can be used for any type of website, iubenda also offers an excellent WordPress plugin from which you can do the complete setup.
The cookie banner service is still fairly new, but is catching up rapidly and offers great features.
- Automatic policy updates: When regulatory changes occur, privacy policies are automatically updated to ensure compliance with new regulations.
- Custom templates that can be adapted to individual needs.
- iubenda offers advanced features such as managing customer and website data, viewing user consent, and managing GDPR violations.
- Cost: iubenda offers a free service for up to 5000 monthly visitors, you get the full service only with the paid plans.
12. Privacy Cloud from legalweb.io
The model of the provider Privacy Cloud is interesting because it is different from many known solutions. Here, a GDPR complete package is promised, which, because it comes from the cloud, is supposed to always appear current and up-to-date.
If desired, the legal texts are multilingual and translated by sworn and certified court interpreters, as they say. In addition to various designs of the cookie banner (popup, sidebar, bottom bar), there is also a style configurator and individual customization options via CSS are also possible.
The whole thing also comes with a plugin for all major CMS, including WordPress. In parallel, legalweb.io offers the plugin WP GDPR Tools.
Attention: Unfortunately, the developers do not seem to respond to support requests in the WordPress forum. Therefore, I cannot recommend this provider.
- Extensive cookie banner with its own style configurator
- Besides the notice, there are also legal texts for privacy and imprint
- As a subscription model, everything is permanently updated and adapted to new jurisdictions, if necessary
- It is not really clear who exactly develops the plugin and who is responsible for the legal texts
- Support does not answer in the WordPress forum
What is the basic data protection regulation?
The General Data Protection Regulation (GDPR) is a European data protection law that came into force in May 2018. It protects personal data and ensures the protection and privacy of citizens and businesses within the European Union (EU) and the European Economic Area.
GDPR, consent, cookie, what’s the difference?
The general term is Consent Management Platform or CMP for short. The notice banner is then a part of it. When my clients ask me about a GDPR Consent solution, the following terms keep popping up:
- WordPress Cookie Plugin
- WordPress Cookie Notice
- WordPress Cookie Banner
- WordPress GDPR Plugin
- WordPress Cookie Consent
People often also ask whether a cookie plugin or a GDPR plugin is needed.
In short, it’s all the same thing.
Cookies and the so important GDPR cookie banners
Hardly anyone does not know them, but a frightening number of people do not yet have anything like this in use on their own websites. We are talking about the so important WordPress Cookie Banner, which is mandatory according to GDPR, at least if you want to store corresponding cookies in the browser of your visitors. Because WordPress almost always does this automatically, however, almost every blog needs such a notification.
Nevertheless, I often come across WordPress websites that completely ignore this point of the GDPR. Many simply do not know any better. After all, WordPress has greatly simplified the matter with its own website and thus made it possible for beginners and novices to create a blog with a few clicks. But they then fall into the trap and unknowingly violate the GDPR.
That’s one of the reasons why I really wanted to teach you more about it on this website. The GDPR is a good thing at its core, but it has also created new hurdles. If you don’t want to risk a lawsuit and don’t want to be constantly afraid of warning letters, you, therefore, need the appropriate WordPress cookie plugin and should basically store as little data as possible. Because this is not always successful with WordPress, I’ll tell you a little more about it here and explain the topic of cookie banners again in detail.
What cookie banners have to do with an opt-in and opt-out
When the GDPR was still quite new, there was a rule that there should only be a notice about cookies. The website then displayed a small infobox and the matter was settled. However, following a decision by the Federal Court of Justice, it is clear that a cookie banner must give users a choice. Visitors must therefore always be allowed to decide for themselves whether cookies should be stored or not. Of course, this only makes the whole thing more complicated for you.
In technical jargon, a distinction is made here between opt-in and opt-out. The latter means that visitors may object at any time (i.e. make an opt-out), but you first store data. This is not GDPR-compliant. With opt-in, on the other hand, which is mandatory under the regulation, users must actively agree before a cookie can even be stored.
This is exactly why the plugin is so important, which should open instantly when you enter your website. While before the GDPR an opt-out link on the privacy page was sufficient, today it must be the cookie banner that actively confirms or rejects the opt-in. The user has the choice, thanks to the GDPR, and you have the work to make it happen for them. That’s what privacy consent is for.
Avoid dark patterns or obfuscation at all costs
Now you might think that nobody wants to save cookies voluntarily. From experience, I can tell you that many click away an appropriate cookie banner without reading it and thus often just save everything. This has led to the fact that many have designed the buttons “clever”. The “accept all” button was then highlighted in color, while the reject as a link was grayed out, faded or hidden behind other clicks. This approach is illegal!
According to the European Data Protection Committee (If you want to read the relevant paper, you can find it here), dark patterns, i.e. the so-called obfuscation or deception, are simply forbidden. To deceive and manipulate the user by coloring or further clicks should logically be part of it. It also only serves this purpose and no one uses it for other reasons, to be quite honest.
Because you may not be aware of such details, I point them out once again. Just because larger providers handle it this way, it does not automatically make it legal. Rather, the respective companies have an interest in collecting as much data as possible, while the penalties are accepted accordingly. However, as a small blogger, you should be very careful not to get into trouble in this regard.
Always check the website again for cookies
Please also keep in mind that almost every WordPress plugin and addon function could set appropriate cookies. Google Fonts, Analytics systems of all kinds, plugins for contact forms and much more. Most of the things that are activated via WordPress extensions also set cookies. Just in case you don’t know that yet.
The WordPress Cookie Banner Plugins presented here do most of the work for you. Which cookie banner plugin is best suited for your WordPress blog, you still have to decide for yourself. Also, you should always check again whether really no cookies are set.
If you’re not that tech-savvy, I recommend Webkoll’s free tool. Among other things, this checks to see if your WordPress website is setting cookies. It also tells you a lot more and gives good tips on how to further increase privacy on your blog. So feel free to check it out if you want to be absolutely sure that no hidden cookies are set that you don’t know about.
What’s the difference between DSGVO and GDPR?
|DSGVO||General Data Protection Regulation||German|
|GDPR||General Data Protection Regulation||English / International|
In the end, I would like to briefly clarify the question of what is actually the difference between DSGVO and GDPR. Many people are confused when WordPress Cookie Banner Plugins suddenly say GDPR instead of DSGVO. But this has mainly something to do with the fact that most plugins come from America and they’re just the GDPR applies.
GDPR is the abbreviation for General Data Protection Regulation. This is essentially the international name for the GDPR, which is only referred to in Germany or in the EU as DSGVO, i.e. Data Protection Regulation.
Accordingly, when GDPR is mentioned, the DSGVO is always meant in the actual sense. However, we are talking about the international language area here. It would also be strange if there was no international term for it. Or don’t you think so?
Anonymization in the sense of the GDPR makes it possible to anonymize personal data to such an extent that no person can be identified from the data. This is particularly necessary when processing sensitive data in medical research and in everyday clinical practice. Analyses and surveys can thus be carried out without regard to the GDPR.
The GDPR provides strong legal protection for the anonymization of personal data. Sentence 5 of Recital 26 of the GDPR explicitly states that data protection principles do not apply to anonymous information. This means that as long as no individual can be identified from the data, no further rules need to be followed to ensure privacy and data security.
You can’t do without a WordPress cookie banner plugin
There is one thing I would like to clarify at the end. Without an appropriate Cookie Banner Plugin for WordPress, basically, no WordPress blog and no WordPress website can be operated anymore. The DSGVO has made that almost impossible.
While it’s true that the GDPR also has certain exceptions, you shouldn’t rely on them or even speculate. Most of the time it is enough if you have activated a contact form plugin, which automatically sets a cookie, about which your users must then of course be informed. Very often WordPress with all the themes and plugins already stores much more than just a cookie. Not to mention YouTube Embeds and other gimmicks.
That’s exactly why nowadays you can’t do without Cookie Banner Plugin. The only question is which service or WordPress plugin you want to use for it. There are classic systems that run directly on your blog, as well as constantly updated cloud services. Sometimes in subscription, then again as a one-time purchase. My list above tells you all about it and also shows you my personal recommendations. So you should definitely be able to find the right WordPress cookie plugin for you and your blog.