Magento 2 GDPR Extension

version 2.3.3
(4.9)
14 Review(s)
Data Privacy Extensions: GDPR (EU) US Privacy Laws

The Magento GDPR extension is aimed to make your website ready for the General Data Protection Regulation (GDPR). It helps to protect the rights of both the merchants (data controllers) and Magento site visitors.

  • Ensures compliance with GDPR rules: the right to be informed, to erasure, to restrict processing, to object, to access personal data.
  • Visitors can use Privacy Center dashboard to download or erase personal data, view Privacy Policy, Cookie Policy and contact Data Protection Officer.
  • Merchants can enable cookie consent notice, view download and erasure requests, manage customer consents and setup notifications.
  • CE: 2.3.x - 2.4.7
    EE: 2.3.x - 2.4.7
  • 100%
    Open Code
  • 60 Days
    Refund Policy
  • Free
    Lifetime Updates
  • CE: 2.3.x - 2.4.7
    EE: 2.3.x - 2.4.7
  • 100%
    Open Code
  • 60 Days
    Refund Policy
  • Free
    Lifetime Updates

Key Features of Magento 2 GDPR Extension

This Magento plugin helps companies that do business in the European Union or offer goods or services directly to individuals in the EU to make their store compliant with major GDPR rules.

All-In-One GDPR Solution for Magento 2

  • GDPR Magento 2 Extension introduces the Privacy Center Dashboard that was designed to display all GDPR options in one place.
  • Customers can view your Privacy Policy and Cookie Policy, contact the Data Protection Officer (DPO), Update their Email Preferences, Download Account Data and Delete their Accounts.
  • GDPR module integrates with your existing Privacy Policy, Cookie Policy and other CMS Pages and records a full history of changes (including document version, CMS page content, date and admin full name).

Download Customer Account Data

  • Customers can download an archive of their account data (customer information, addresses, full order history, reviews, price and stock alerts, products in the cart, wishlist, compared products, etc.).
  • Downloading customer information is a password-protected process that only customer will have access to. They will receive information in Spreadsheet (Excel, CSV) file format, which could allow another service to more easily import it.
  • Admin can keep track of all download requests from Magento backend.
  • Built-in API support allows you to download data from third party applications.

Permanently Delete & Anonymize Customer Account

  • Customers can request to erase all personal information from your store permanently. Accounts will be automatically deleted within 24 hours after the removal request was submitted.
  • Customers can cancel a removal request by logging in before the account is permanently deleted.
  • Admin can view full log of account removal requests from Magento backend and cancel them if necessary.
  • Built-in API support allows you to delete or anonymize data from third party applications.

Magento Cookie Restriction Notice

  • A Magento 2 Cookie Consent extension ($129 value) comes bundled with this GDPR plugin, allowing you to display and customize a Cookie Restriction Notice at your Magento 2 store.
  • The users will have a choice of whether to opt-in or not. Cookies will be used only after the user clicks on “Accept Cookies” button.
  • GDPR module allows you to setup Google Tag Manager to prevent execution of your third party services before cookie consent is given.

Consent Management

  • Add your consent checkboxes (such as "I agree to the Privacy Policy" or "I agree to the TOS", etc) on the registration page, checkout page and newsletter subscription page directly from the backend. You can also add consent checkboxes manually using our developer's guide.
  • All customers who opted-in to these policies can be tracked via Magento consent log. Log of customer consents includes following data: customer name, email, consent location, link to the policy page, document version, date, IP, etc.

Geo Targeting

  • Plumrocket GDPR now includes GeoIP functionality, allowing it to detect the country where your viewer is located and personalize the content for that viewer.
  • Store owners can enable Cookie Notice and Consent Checkboxes to European Union visitors only and disable them for the rest of the world. Admin can configure this feature for each country separately or for all at once.
  • Merchants who work with international clients will greatly benefit from the GeoIP restrictions in GDPR extension.

Popup and Email Notifications

  • Schedule popup notifications and display a popup window to all customers upon successful login. Request customer consent to the updated versions of the "Privacy Policy", TOS, Cookie Policy or any other agreement.
  • Notify users by email when their account data was successfully downloaded or a removal request created.

Built-in Support of Plumrocket Data Privacy Extensions

  • Plumrocket offers a full set of data privacy extensions for Magento 2 - GDPR, CCPA, LGPD.
  • GDPR Magento 2 Extension will work seamlessly with other Plumrocket data privacy extensions on the same Magento store, allowing your company to become compliant with all major data privacy laws, including PIPEDA, POPIA, PIPA, APPI, APA, and others.
  • Whether your business is local or international, our extensions cover all major data protection regulations in the European Union and around the world.

Compatible with Custom & Third party Magento 2 themes

  • Magento 2 GDPR module was designed to work flawlessly on any third party Magento 2 theme. Whether it is your custom theme or a popular theme like Ultimo, Shopper, Fortis, etc. – it supports them all.
  • Compatible with the latest Community and Enterprise Editions of Magento 2 Ecommerce Platform.

Magento 2 GDPR Extension Overview

GDPR module from Plumrocket is an all-In-one GDPR solution for Magento that comes with easy to use Privacy Center Dashboard and flexible admin settings to ensure GDPR compliance of your store.

All Features:

  • Features for Customers
    • Privacy Center Dashboard
      • Magento GDPR extension adds a new section in Magento Customer Account - “Privacy Center” with a list of GDPR options and Privacy FAQ.
      • In Privacy Center dashboard customer can choose to view Privacy Policy, Cookie Policy, contact Data Protection Officer (DPO), Update Email Preferences, Download Account Data and Erase their Accounts.
    • Account Data Download
      • Customers can download their account data as per GDPR Articles 15 and 20 – “Right of access” and “Right to data portability”. The data will be provided in both human-readable and machine-readable format (Excel, CSV). Customers can later transmit their personal data to another controller (ecommerce store or another location).
    • Account Data Removal
      • Users can request to remove their personal data from your store. Article 17 of GDPR “Right to erasure (‘right to be forgotten’)” allows them to do so. Within 24 hours all personal data will be automatically deleted and anonymized if removal requests are not canceled by the Admin or a Customer.
      • Customers can cancel data removal requests when they sign-in into their account within 24 hours after the data removal request was submitted.
      • GDPR plugin will prevent customers with pending orders to delete account until all orders are completed or canceled.
      • All account removal requests and data download requests are password-protected to ensure the security of customer accounts.
    • Cookie Restriction Notice
      • As per “Recital 30” of GDPR, cookies “may be used to create profiles of the natural persons and identify them”, therefore the users must have a choice whether to opt-in or not.
      • With Cookie Policy bar enabled, customers can choose whether to allow usage of all non-essential cookies. All essential cookies required for proper functioning of Magento store will continue to work. While all non-essential cookies, such as those used for analytics, cookies from advertisers or third parties, including affiliates and those that identify a user when he returns to the website will not be used until the consent is provided.
    • GDPR Consent & Opt-In
      • Customers can provide consent to Privacy Policy, Cookie Policy or any other Policy on account registration page, checkout page and newsletter subscription pages.
    • Popup and Email Notifications
      • Customers can be notified about any policy update via popup notification.
      • Transactional emails are used to notify customers about all account removal requests and data download requests.
  • Features for Merchants
    • General Configuration
      • Magento Admin can configure Privacy Center Dashboard, Account Removal Settings, GDPR Email settings, Consent Checkboxes, Cookie Consent Notice and Google Tag Manager settings.
    • Account Data Download
      • The following data can be downloaded from Customer Account in CSV file format - customer Information, addresses, full order history, reviews, price and stock alerts, products in cart, wishlist, compared products, etc
      • Additional information can be exported from Magento using provided API. Follow our developer guide if you need to include customer data from your third-party extensions in the downloadable ZIP archive.
      • Admin can track all account download requests via “Log of Account Data Downloads” in Magento Admin.
    • Account Data Removal
      • Magento order history will be anonymized and kept in database as “Guest Orders” for accounting purposes
      • By default, GDPR extension will delete all personal data and anonymize Magento Orders. However, provided GDPR API allows to change default settings and anonymize all customer data instead of deleting it.
      • Admin can cancel all pending data removal requests directly from the “Log of Account Removal Requests”.
      • Admin can specify custom Anonymization Key to be used during the anonymization process of customer data.
    • Cookie Restriction Notice
      • The extension uses Magento native “Cookie Restriction Mode” functionality to display Cookie Restriction Notice Block.
      • Added functionality allows to conveniently change the Notice text and Button label from the backend. As well as display redesigned cookie bar in the bottom section of your site.
      • Google Tag Manager can be used to load all non-essential javascripts only after the explicit consent to allow cookies is provided by the visitor.
    • GDPR Consent & Opt-In
      • Article 7 of GDPR “Conditions for consent” requires that “the controller shall be able to demonstrate that the data subject has consented to processing of his or her personal data.” Therefore the Plumrocket GDPR extension allows admin to add custom consent checkboxes in multiple locations on Magento frontend and track all customer consents via “Log of Customer Consents” in the Magento backend.
    • GDPR Settings in CMS Pages
      • Admin can continue using standard CMS Pages for Privacy Policy, Cookie Policy, Terms of Service or any other policy page.
      • GDPR functionality will be automatically integrated in all CMS pages and can be enabled for each page separately.
      • Admin can enable versions for specific CMS pages and view revision history.
      • Admin can enable popup notifications and notify customers about policy updates upon successful login. This is useful when asking customers to agree to the updated version of the "Privacy Policy", TOS, Cookie Policy or any other agreement.
    • Popup and Email Notifications
      • Admin can enable popup policy updates from CMS pages
      • Extension intercepts all login & registration attempts via Social Login (Facebook Login, Twitter Login, or other social networks) and displays Popup Notification requiring customers to agree before using the website.
      • Admin can configure GDPR Email settings from the configuration page. Choose email sender name, address and transactional email templates.
  • 100% open code magento 2 extension

Magento 2 GDPR Extension Reviews

Every customer will automatically receive a 100 reward points for each approved review. To submit your review please

Write a Review
  • Easy to configure
    Carmen Rodriguez posted on November 21, 2023. Review for Magento 2.x
    The extension works great for us. The configuration was easy and straightforward with the documentation. This is my second extension from Plumrocket and I had no problems so far.
  • Very good GDPR MODULE, good support, but it could be better
    Antonio Rossetti posted on August 22, 2022. Review for Magento 2.x
    Good support, but it could be better and would give their modules a distinct added value. However, the module does its job well as well as being sold with unlimited updates. This is one of the best things that leads me to prefer their modules over others. I recommend buying from them.
  • Excellent Support
    Jaswinder Singh posted on January 18, 2022. Review for Magento 2.x
    Excellent Support and Prompt Response.
    I can't have a better GDPR Extension for Magento 2 for my customers. Overall great extension! Installation and configuration were simple, so we did it successfully.
  • I recommend it
    Olavi Bozhidarov posted on October 29, 2021. Review for Magento 2.x
    The extension is simple to install and use. I had zero issues with it downloading, installing or using. It simply works as advertised. The one time I did have a question, support responded and resolved the issue within an hour of my request.
  • Worked great for us
    I'm using it on: www.urbanbodyjewelry.com
    tom patt posted on November 21, 2020. Review for Magento 1.x
    The m1 version of this plugin worked great. We now need the M2 version so hopefully its just as good and we dont need to do a ton to get it working with the new M2 setup
  • NEEDFUL
    I'm using it on: www.b-happystore.it
    matteo dematteis posted on November 12, 2020. Review for Magento 2.x
    Indispensable to keep track automatically of consents and cancellations. Ensures compliance with GDPR rules, including access to personal data to download or erase.
  • Amazing!
    ERCAN KÖKSEL posted on January 31, 2020. Review for Magento 2.x
    Easy to use and edit with handy tips. Support was great and very helpful and informative. Very well designed and flexible to use all over my website. Thank you Plumrocket!
  • Best GDPR extension and good support
    I'm using it on: www.saidagustoespresso.com
    Fiorita Vittoria posted on December 19, 2019. Review for Magento 2.x
    Perfect fits GDPR needs, the extension didn't cause any problems after installation. Some fix needed, resolved in 3 days by Plumrocket team with ticket support.
  • Plumrocket and no problems :)
    I'm using it on: imoli2.pl, imoli1.pl, everlastingbrows.com, imoli3.pl
    Radosław Mól posted on November 29, 2019. Review for Magento 2.x
    The module works without any problems. We had to add domains to the test servers and this also went quickly and without problems. Plumrocket creates very good extensions for Magento.recomend Plumrocket. Great extension and support! Thank you.
  • Great and no issues
    I'm using it on: jendeindustries.com
    chris taylor posted on April 13, 2019. Review for Magento 2.x
    Only reason for a 4 star the price as always is a bit much with them.
    Only complaint about plum rocket is they seem lazy on maintaining extensions any times you will buy it and is out dated and needs fixing on their end, they do get it fixed within 3 or so days but instead of maintaining them they wait for clients to raise an issue.
  • Great GDPR extension
    I'm using it on: www.fed-corp.com
    Jerome FC posted on February 07, 2019. Review for Magento 1.x
    I have installed GDPR extension and works like a charm. The plug in is very simple to use and it supports Ultimo and Porto themes
    Essential for the management and protection of European customer data
  • It is my favorite GDPR extension
    I'm using it on: forcuties.com
    Teodor Tihin posted on January 07, 2019. Review for Magento 2.x
    This is my second extension from Plumrocket and it works like a charm, like the first one.
    It is highly customizable and covers all my GDPR needs.
    I lost many hours in discovering until I found this.
    I recommend it!
  • Highly suggested
    Frankie Sutton posted on September 10, 2018. Review for Magento 1.x
    Since the General Data Protection Regulation has been implemented a couple of month ago, our company had to comply with it. This plugin is very good, simple and our customers from Europe are already using it for downloading personal data and other features.

    The user interface is very clear and it works just fine with our template. Like every other extension designed by Plumrocket this GDPR extension works incredibly. Thank you
  • Best GDPR extension
    Cary Craig posted on July 31, 2018. Review for Magento 1.x
    This is our first purchase from Plumrocket and I must say that we are impressed by this GDPR extension and the top-notch support they provided. The module works flawlessly out of the box and does all that it should. Now the process of managing customer data according to the new regulation law that has recently came into force will be much more easier.
Your honest feedback
helps other visitors
in selecting their products
&
earns you a $10 in rewards
for each submitted review!
Write a Review

Magento 2 GDPR Extension FAQ

  • How to Update Given Privacy Consents via GDPR Data Privacy Center

    The Data Privacy Center introduced by Magento 2 GDPR, LGPD, and CCPA extensions, allows your website visitors to give and then update cookie consent preferences as well as checkboxes consents.

    A user can block previously allowed cookies or accept the previously declined preferences in a few simple steps. This feature ensures that your website complies with data privacy rules and regulations.

    How a Customer Can Update Cookie Consent Preferences

    A user can revise the consent preferences right from My Privacy Center accessed from My Account or the link in the footer:

    1. In Privacy Center, go to the Cookie Settings section.
    2. Click Accept All or Decline All to change all the consent preferences at once.

    3. If you want to change the consent associated with a specific cookie category, switch the toggle button next to the corresponding category.
    4. Click Confirm My Choices to save the changes.

    How a Customer Can Update the Checkboxes Consents

    A user can revise the consent preferences right from My Privacy Center accessed from My Account or the link in the footer:

    1. In Privacy Center, go to the My Consents section
    2. Check or uncheck the corresponding box and click Update.

    Please note that if a checkbox is set as required by the admin, it cannot be unchecked. Therefore, if a user wants to revoke consent, this can only be done by deleting the account.

    How a Customer Can Access Cookie and Privacy Policies

    A customer can easily access both Cookie and Privacy Policies pages from the Data Privacy Center.

    A website admin can set CMS pages for Cookie and Privacy Policies from the Magento Data Privacy extension configuration:

    • Go to Plumrocket -> Configuration -> Data Privacy -> Privacy Center Dashboard.
    • Make sure you have selected the correct CMS pages and click Save Config, as shown in the screenshot below.

    The above is complementary to the Data Protection measures implemented on your Magento store. Thus, you achieve an even better user experience and more complete GDPR compliance.

  • How to Download and Remove Account Data via GDPR Data Privacy Center

    Magento 2 GDPR, LGPD, and CCPA extensions add the Data Privacy Center page to your store, allowing your website visitors to manage personal data in one place. For example, order history, addresses, reviews, and other personal information collected by your website can be downloaded or deleted in a few clicks, which becomes an easy and painless process for a customer.

    How Customers Can Download Personal Data

    A user can download personal data in CSV format right from the Data Privacy Center:

    1. In Privacy Center, go to the Download your Data section.
    2. Click Download My Data and provide an account password to confirm the identity.
    3. Open the downloaded file in Microsoft Excel, Google Sheets, or other similar services.

    How Customers Can Request a Data Removal

    1. In Privacy Center, go to the Delete your Account section.
    2. Click Delete My Account, and provide your account password to confirm the deletion.

    Please note that it takes up to 24 hours for the system to delete the data permanently. However, if a user logs in again within this time, the data removal is automatically canceled. Additionally, customers can contact the Data Protection Officer and ask to cancel the request. In this case, a website admin cancels the request from the backend in the Data Removal Requests grid.

    How to Contact the GDPR Data Protection Officer

    The GDPR requires eCommerce store owners to assign a Data Protection Officer and let customers easily contact them.

    A customer can email the Data Protection Officer right from the Data Privacy Center by clicking the corresponding tab. Please note that you have to set the email address of a contact person from the backend.

    Are you interested in how Data Privacy Center works? Check the article for more details!

  • How GDPR Data Privacy Center Works

    What is Data Privacy Center

    Data Privacy Center is a part of Magento 2 GDPR Extension, as well as CCPA and LGPD modules designed to keep all data privacy settings and management options in one place. It helps your customers understand and see how you as a store owner handle their personal information. Additionally, the Magento privacy center is available for both logged-in users and unauthorized visitors.

    What Options are Available in Data Privacy Center

    GDPR Data Privacy Center allows your website visitors to manage their personal information used by your website and update their consents. In particular, your customers can:

    • Update cookie consent preferences
    • Update checkboxes consents
    • Download account data
    • Request a data removal
    • Contact data protection officer
    • View Cookie and Privacy Policies

    Where Customers Can Find Data Privacy Center

    All logged-in customers can access the Data Privacy Center in My Account -> My Privacy Center (see the screenshot below).

    How Guests Can Access Data Privacy Center

    GDPR Extension allows all unauthorized visitors to access the Magento Privacy Center. Guests can view and manage all collected information that is associated with their email address. They should go to the Privacy Center in the page footer that redirects to another page where the visitor should enter the email.

    After clicking on the Privacy Center link in the footer, unauthorized users are prompted to enter their email addresses in order to access their collected personal data. Once provided, they will get an email with instructions and a token-based link. The link takes users to the Privacy Center dashboard, allowing them to view and manage all collected data associated with the provided email address.

    Sometimes, users may see a popup window informing that there is no data associated with the entered email address.

    To sum up, Data Privacy Center provides all the necessary details for your customers in one place that can be accessed either by logging in to their account (for logged-in customers) or providing an email address (for guest users).

    Do you have any other questions? Feel free to contact our Customer Support!

  • How to Set Up Magento 2 GDPR Extension for EU Visitors Only

    The General Data Protection Regulation (GDPR) requires you, as an online store owner who collects customer data, to ask EU customers for consent to process their personal information. The best way to implement the proper GDPR compliance into your store is to use our Magento 2 GDPR plugin.

    The GDPR Extension helps your Magento 2 store meet the GDPR requirement. It includes GeoIP functionality allowing you to automatically detect the country where a user is located and personalize the data for that viewer. If you work with international customers, you can benefit from the GeoIP restrictions and collect privacy consents from EU visitors only.

    How to Display Cookie Notice to European Union Visitors Only

    Some countries do not require website visitors to accept or decline cookies, and there is no need to disturb such users with a cookie notice. The Geo-Targeting functionality within our GDPR Extension allows you to show cookie consent notice only to EU visitors. You can configure it in a few simple steps:

    1. In your Magento 2 backend menu, go to Plumrocket -> Cookie Consent -> Configuration.
    2. Expand the Main Settings tab.
    3. Set the Geo Targeting option to Only visitors from EU countries.
    4. Click Save Config to apply changes.

    How to Enable Consent Checkboxes for European Union Visitors Only

    The GDPR also requires merchants to get customer consent to use the personal data they provide on the website. Our module displays consent checkboxes on the Newsletter subscription popup, Registration, and Checkout pages, as well as other pages where customers can provide their personal information.

    By default, the consent checkboxes are set to be displayed to all website visitors. However, you may want to set them up to be shown to EU viewers only. Here is how to do it quickly with Magento 2 GDPR Extension:

    1. In your Magento 2 backend menu, go to Plumrocket -> Data Privacy -> Consent Checkboxes. Then, click Edit on the appropriate checkbox.
    2. Ensure that the Required option is enabled to collect all customer consents, which is needed to meet the GDPR requirements.
    3. Set the Geo-Targeting option to Only visitors from EU countries.
    4. Click Save Checkbox.

    Setting up geotargeting helps companies to conduct their business in the European Union legally. If you are concerned about the difficulty of ensuring proper GDPR compliance to your Magento 2 store, our GDPR Extension will do it all for you. We have considered all the essential details that help protect you as a seller and your site visitors.

    If you have any other questions regarding our Magento 2 GDPR Extension, please contact our support team!

  • When Does GDPR Come Into Force

    The General Data Protection Regulation (GDPR) comes into effect on May 25, 2018.

  • How do I know if General Data Protection Regulation (GDPR) is applicable to my business

    GDPR applies to your business if your company does business in the European Union or offers goods or services directly to individuals in the EU. So, for example if your company is located in the USA and doing business or processing the data of any individuals within the EU, you must comply with GDPR.

    Here is the list of countries in the EU affected by this regulation:

    • Austria
    • Belgium
    • Bulgaria
    • Croatia
    • Republic of Cyprus
    • Czech Republic
    • Denmark
    • Estonia
    • Finland
    • France
    • Germany
    • Greece
    • Hungary
    • Ireland
    • Italy
    • Latvia
    • Lithuania
    • Luxembourg
    • Malta
    • Netherlands
    • Poland
    • Portugal
    • Romania
    • Slovakia
    • Slovenia
    • Spain
    • Sweden
    • United Kingdom
  • How to Make my Magento Store Fully GDPR Compliant

    Please review the following GDPR checklist to determine if your Magento store is fully GDPR compliant:

    • Install the Plumrocket GDPR extension for Magento
    • Map your data - establish what data your business collects and where. This may include any third-party extensions or services your company is using. 
      • Contact the third party services you are using to confirm that they are fully GDPR compliant
      • Contact vendors of the third-party extensions you are using, to ensure that their extensions are GDPR compliant. Ask them if their extensions record any personal customer data in your Magento database. If they collect any personal data, they may become GDPR compliant by integrating their plugins with Plumrocket GDPR Extension using the provided API. 
    • Update your Privacy Policy. Ensure your privacy policy is updated to address the GDPR. Describe what, why and how you collect and use personal information of your customers, how you protect it and how customers can contact you.
    • Make your consent process clear, specific and transparent. Use the built-in consent functionality of Plumrocket GDPR extension to ensure that all customer opt-ins are recorded in the consent log.
    • Update your Cookie Policy and enable Magento cookie notice. 
    • Name a Data Protection Officer (DPO). It is a good business practice to appoint someone responsible for data protection within your company. Specify the email of the DPO in Plumrocket GDPR extension settings.
    • Put security measures in place:
      • Ensure your website is using HTTPS.
      • Guard against data breaches.
      • Store and process the information you collect on computer systems with limited access, which are located in controlled facilities. Ensure that your webhosting uses best-practice physical, environmental and digital security systems.
  • How does GDPR translate into my language
    • Danish - Persondataforordningen
    • Dutch - Algemene verordening gegevensbescherming (AVG)
    • Bulgarian - Общият регламент относно защитата на данните (ОРЗД)
    • Croatian - Opća uredba o zaštiti podataka (GDPR)
    • Czech - Obecné nařízení o ochraně osobních údajů (ONOOÚ)
    • Estonian - Isikuandmete kaitse üldmäärus
    • Finnish - Yleinen tietosuoja-asetus
    • French - Règlement général sur la protection des données (RGPD)
    • German - Datenschutz-Grundverordnung (DSGVO)
    • Hungarian - Általános adatvédelmi rendelet
    • Irish - An Rialachán Ginearálta maidir le Cosaint Sonraí
    • Italian - Regolamento generale sulla protezione dei dati
    • Latvian - Vispārīgā datu aizsardzības regula
    • Polish - Ogólne rozporządzenie o ochronie danych (RODO)
    • Portuguese - Regulamento Geral sobre a Proteção de Dados (RGPD)
    • Slovak - Všeobecné nariadenie o ochrane osobných údajov
    • Slovenian - Splošna uredba o varstvu podatkov
    • Spanish - Reglamento General de Protección de Datos (RGPD)
    • Swedish - Dataskyddsförordningen, allmänna dataskyddsförordningen, DSF
    • Ukrainian - Загальний регламент про захист даних
  • Which Cookies Are Disabled by Plumrocket GDPR Extension

    The Recital 30 of the GDPR states: 

    Natural persons may be associated with online identifiers provided by their devices, applications, tools and protocols, such as internet protocol addresses, cookie identifiers or other identifiers such as radio frequency identification tags. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.

    The idea is relatively simple: cookies can be used to uniquely identify a person, therefore they should be treated as personal data. It will affect those identifiers used for analytics and advertising, but also those used for functional services like chats and surveys.

    However, there is a difference between cookies. Cookies that are essential for normal website functioning cannot be disabled. The non-essential cookies should be disabled. The Plumrocket GDPR extension uses native Magento "Cookie Restriction Mode" functionality which, by default, allows only essential cookies to be created. The essential cookies are those necessary for providing the information requested by the user. All the other cookies are considered non-essential. Included here are identifiers used for analytics, cookies from advertisers or third parties, including affiliates and those that identify a user when he returns to the website. The GDPR is meant to target the non-essential category.

    The essential Magento cookies are strictly necessary for the normal website functions. These cookies cannot be switched off because the Magento store wouldn’t work properly anymore. However, these identifiers do not store any personal data. Try disabling ALL cookies in Magento and your website will become unusable. Customers will not be able to add products to a cart, login, etc.. 

    To summarize - the Plumrocket GDPR Extension will block all non-essential cookies until visitor consent is given. Only after the visitor consent is given (eg: "Allow Cookies" button is pressed), will the non-essential cookies will be created. 

Change Log of Magento 2 GDPR Extension

Last Update:  Nov 11, 2024
Legend:  - new feature - bug fix
GDPR Extension for Magento 2 - v2.1.1 Apr 13, 2023

v2.1.1 - Apr 13, 2023

  • Added support of Magento 2.4.6 version

v2.1.0 - Jun 06, 2022

  • Added support of Magento 2.4.4 version
  • Discontinued support of Magento 2.2.x

v2.0.1 - Nov 13, 2020

  • Added integration with Plumrocket LGPD Magento 2 Extension

v2.0.0 - Nov 05, 2020

  • GDPR bundle is released. Starting from this version all GDPR specific functionality is separated from the Data Privacy extension. This version of Magento GDPR bundle now includes a number of additional extensions - GDPR Addon, Data Privacy Extension, Cookie Consent Extension, Geo IP Lookup Extension.

v1.0.0 - Jul 19, 2018

  • Released GDPR Extension
Cookie Consent Extension for Magento 2 - v2.0.2 Nov 11, 2024

v2.0.2 - Nov 11, 2024

  • Expanded the default cookie list to include additional Google Analytics cookies
  • Optimized GTM initialization speed
  • Fixed an issue with updating GTM consents when the page reload is disabled after cookies are accepted or declined

v2.0.1 - Sep 12, 2024

  • Fixed CSP errors in inline JS

v2.0.0 - Apr 08, 2024

  • Refactored code structure and architecture to simplify integration with Hyvä themes
  • Added support of Magento 2.4.7 version

v1.11.2 - Feb 23, 2024

  • Fixed an issue where Consent Mode V2 types were not being applied

v1.11.1 - Feb 21, 2024

  • Added support of Google Consent Mode V2

v1.11.0 - Apr 03, 2023

  • Added support of Magento 2.4.6 version
  • Improved cookie blocking

v1.10.1 - Feb 13, 2023

  • Fixed updating the cookie settings popup when clicking the Accept All/Decline All buttons (with the setting to reload pages after accepting/declining cookies disabled)

v1.10.0 - Jan 23, 2023

  • Optimized extension for faster GTM initialization

v1.9.0 - Dec 16, 2022

  • Added support of YouTube privacy-enhanced mode

v1.8.2 - Nov 16, 2022

  • Fixed deleting cookies from the second-level domain

v1.8.1 - Nov 02, 2022

  • Added visualization to the Cookie Consent Banner display style setting in extension configurations

v1.8.0 - Oct 20, 2022

  • Added a new way to customize Cookie Settings Panel, now you can display it in a popup window

v1.7.0 - Oct 10, 2022

  • Fixed deletion of declined cookies in which the domain does not match the site's domain

v1.6.3 - Sep 28, 2022

  • Added the ability to translate more content for the Cookie Settings Panel directly from the extension backend

v1.6.2 - Sep 09, 2022

  • Fixed a PHP error that could occur when saving Consent Types configurations

v1.6.1 - Aug 29, 2022

  • Added support of Magento 2.4.5 version

v1.6.0 - Jun 01, 2022

  • Improved the Cookie Consent Log in the admin panel. Now guest visitor consents are logged, as well as the User Agent and page URL where a user gave their consent

v1.5.0 - May 05, 2022

  • Added support of Google Tag Manager Consent Mode, now the administrator can flexibly adjust how each individual Google Tag will work depending on the client's cookie agreement

v1.4.1 - Apr 12, 2022

  • Added support of Magento 2.4.4 version
  • Minor changes and improvements

v1.4.0 - Mar 21, 2022

  • Added a new way to integrate third-party scripts with the extension functionality, read more details in the updated Developer Guide
  • Minor changes and improvements

v1.3.0 - Feb 04, 2022

  • Migrated install/upgrade scripts to declarative schema
  • Discontinued support of Magento 2.2.x
  • Minor changes and improvements

v1.2.5 - Jan 28, 2022

  • Fixed the compatibility issue with the default Magento Cookie Restriction Mode. When a site visitor has accepted default Magento Cookie Restriction Notice, the Cookie Consent Banner provided by the extension does not appear
  • Minor changes and improvements

v1.2.4 - Oct 25, 2021

  • Minor changes and improvements

v1.2.3 - Sep 21, 2021

  • Fixed ACL settings for admin users
  • Minor changes and improvements

v1.2.2 - Jun 18, 2021

  • Fixed an issue with ModSecurity that prohibited the use of “*” (asterisk) in SQL queries and blocked access to the site (REQUEST-942-APPLICATION-ATTACK-SQLI rule). The use of “*” is changed to “all” when users accept all cookies

v1.2.1 - Mar 26, 2021

  • Fixed Cookie Consent Log grid filtering by Email field

v1.2.0 - Feb 17, 2021

  • Added the ability to add a link to the footer "Cookie Settings" which opens the Cookie Settings Panel
  • Added Cookie Settings Button widget to display "Cookie Settings" button or link
  • Added "Cookie Settings" link on the "My Privacy Center" page in the Data Privacy module
  • Resolved PHP error that occurred during module installation.
  • Fixed the setting Cookie Settings Panel → Decline Button → Show. The button disappears when enabled, previously it was always displayed regardless of the setting

v1.1.2 - Jan 28, 2021

  • Minor changes and improvements

v1.1.1 - Dec 10, 2020

  • Added the ability to set blur background under the Cookie Consent Banner
  • Added the ability to set cookies in a free format, such as cookie_ *, where the asterisk replaces any number of characters.
  • Minor changes and improvements
  • Fixed Cookie Consent Banner option - "Overlay Background Color"

v1.1.0 - Oct 16, 2020

  • Added the ability to display Cookie Banner as a pop-up
  • Added the ability to block the site (Full-Screen Cookie Wall) until a customer allows the use of cookies or configures cookies.
  • Added the ability to select the categories to be chosen in Settings Panel when a customer first enters to configure cookies by category

v1.0.2 - Sep 17, 2020

  • Corrected the display of the "Duration" field's description on "Edit Cookie" page in the backend.
  • “Decline All“ action is now recorded in a log when “Decline All“ or “Decline“ is selected.

v1.0.1 - Aug 05, 2020

  • Fixed a bug when Cookie Restriction Mode was always disabled if our module was disabled.
  • Fixed cookie "user_allowed_save_cookie", now the cookie is saved in the same format as it is saved by default in Magento.

v1.0.0 - Jul 30, 2020

  • Created Cookie Consent Magento 2 Extension
Data Privacy Extension for Magento 2 - v3.5.3 May 16, 2024

v3.5.3 - May 16, 2024

  • Added support of Hyvä themes
  • Added support of Magento 2.4.7 version

v3.5.2 - Jun 13, 2023

  • Removed dynamic property to ensure compatibility with PHP 8.2

v3.5.1 - Apr 12, 2023

  • Added support of Magento 2.4.6 version

v3.5.0 - Dec 22, 2022

  • Added the ability to edit and translate the Privacy Center content from the extension configuration page

v3.4.1 - Nov 18, 2022

  • Fixed the checkbox display on the My Consents page

v3.4.0 - Aug 29, 2022

  • Updated integration with Magento 2 Social Login Pro extension
  • Minor changes and improvements

v3.3.1 - Jun 22, 2022

  • Fixed an error in db_schema that occurred when installing the extension

v3.3.0 - Jun 06, 2022

  • Added the ability to automatically delete inactive account data
  • Added support of Magento 2.4.4 version
  • Migrated install/upgrade scripts to declarative schema

v3.2.1 - Feb 02, 2022

  • Fixed anonymization of user emails in the Removal Requests grid

v3.2.0 - Dec 02, 2021

  • Added the ability to delete and anonymize user data from the admin panel
  • Minor changes and improvements

v3.1.0 - Oct 25, 2021

  • Improved module architecture to simplify customizations and third-party integrations
  • Discontinued support of Magento 2.2.x

v3.0.3 - Apr 08, 2021

  • Fixed the display of the My Consents link on the My Privacy Center page. Now it is hidden from guests. Previously, when clicking on the My Consents link, guests were redirected to a 404 page.

v3.0.2 - Dec 21, 2020

  • Added integration with Plumrocket Popup Login extension.

v3.0.1 - Nov 13, 2020

  • Added integration with Plumrocket LGPD Magento 2 Extension

v3.0.0 - Nov 05, 2020

  • From this version CCPA and GDPR functionality has been separated into two new products. Please check CCPA Extension and GDPR Extension changelogs for more information.

v2.0.4 - Oct 23, 2020

  • Resolved PHP error of sorting Consent Log grid by Email field.

v2.0.3 - Aug 28, 2020

  • Fixed error “Registry key "prgdpr_skip_save_consents" already exists“ that occurred while registering via social network using Social Login Pro

v2.0.2 - Aug 13, 2020

  • Added compatibility with PHP 7.4
  • Minor changes and improvements
  • Fixed error “We can't save the customer“ occurred during registration with a subscription

v2.0.1 - Aug 01, 2020

  • Fixed issue with consent checkboxes disappearing when customers switch payment methods at the checkout on IE 11

v2.0.0 - Jul 30, 2020

  • Renamed extension to Data Privacy
  • CCPA functionality is separated into CCPA extension (included with this version of Data Privacy extension)
  • Cookie management functionality is separated into Cookie Consent extension (included with this version of Data Privacy extension)
  • Added support of widgets in CMS page that is displayed in a pop-up related to consent checkbox

v1.7.6 - Jul 09, 2020

  • Fixed PHP error that appeared when personal data was downloaded.

v1.7.5 - May 25, 2020

  • Added integration with Newsletter Popup extension

v1.7.4 - Apr 08, 2020

  • Fixed the bug with data export for Magento Cloud

v1.7.3 - Mar 16, 2020

  • Fixed errors when exporting or deleting the data

v1.7.2 - Feb 27, 2020

  • All guests consents are recorded and can be viewed in 'Log of Customer Consents' in the backend
  • Fixed an issue with check-box displayed on "My Consents" page not related to Geo Location of the customer

v1.7.1 - Feb 19, 2020

  • Fixed error that was displayed during the module update to the latest version

v1.7.0 - Feb 18, 2020

  • Added "My consents" page

v1.6.0 - Jan 30, 2020

  • Added a possibility to upload and delete personal information for guests.

v1.5.1 - Jan 27, 2020

  • Fixed compatibility with Magento 2.2.0

v1.5.0 - Jan 13, 2020

  • Added an ability to enable CCPA functionality only for California Residents
  • Improvements of "Do Not Sell My Personal Information" for the guests
  • Minor changes and improvements

v1.4.5 - Dec 20, 2019

  • CCPA update: Added "Do Not Sell My Personal Information" Page for guests and customers. All requests are now recorded in a separate data grid in Magento backend.

v1.4.4 - Dec 13, 2019

  • Added support for California Consumer Privacy Act of 2018 ('CCPA')

v1.4.2 - Oct 28, 2019

  • Fixed the issue with the configuration of Consent Location check-box

v1.4.1 - Oct 04, 2019

  • Fixed error in XMLHttpRequest on account's page
  • Fixed error with duplicated pop-up display after clients confirmation

v1.4.0 - Jun 28, 2019

  • The consent checkboxes are moved to the separate grid in backend
  • Added possibility to create the custom locations for consent checkboxes
  • The simplified custom display of consent checkboxes on any page
  • Discontinued support of Magento 2.1.x
  • Fixed issue with data export of Magento customer on the nginx servers

v1.3.1 - Mar 25, 2019

  • Improved compatibility with smartwave themes
  • Fixed issue with customers' data removal on their demand
  • Minor improvements and fixes

v1.3.0 - Jan 25, 2019

  • Added the support of Magento Enterprise
  • Fixed a bug for Single Store Mode

v1.2.0 - Oct 25, 2018

  • Added a possibility to make checkboxes optional
  • Add new position where checkboxes can be located - Contact Us page
  • Added possibility to Decline Cookies
  • Fixed issue with clicking on checkbox link, when CMS is not set for it
  • Optimized the consent logs recording process
  • Minor changes and improvements

v1.1.1 - Oct 18, 2018

  • Improved support of SmartWave Porto Magento Theme
  • Improved support of Infortis Ultimo Magento Theme
  • Improved support of Weltpixel Pearl Magento Theme
  • Fixed argument error on Checkout Page
  • Fixed error with Amazon Pay on Checkout Page

v1.1.0 - Sep 20, 2018

  • Added integration with Plumrocket GeoIP Lookup Magento extension
  • Added tracking of cookies consent in admin logs
  • Fixed incompatibility issues with Magento versions 2.1.x
  • Fixed error that occurred during export of wishlist products, that are out of stock
  • Minor improvements
  • Minor bug fixes

v1.0.1 - Sep 13, 2018

  • Fixed error on the checkout when extension is disabled
  • Minor improvements

v1.0.0 - Jul 19, 2018

  • Released GDPR Extension for Magento 2
GeoIP Lookup Extension for Magento 2 - v2.0.1 Nov 04, 2024

v2.0.1 - Nov 04, 2024

  • Fixed test connection functionality for ipapi.com integration

v2.0.0 - Aug 20, 2024

  • Optimized the extension to reduce the load on the Magento database
  • Updated IpToCountry and Maxmind GeoIP integrations, now they work with mmdb (MaxMind DB format) files
  • Optimized the overall extension performance

v1.3.5 - Oct 12, 2023

  • Added support of HTTPS for ipapi professional plans

v1.3.4 - Apr 12, 2023

  • Added support of Magento 2.4.6 version

v1.3.3 - Oct 13, 2022

  • Fixed duplicate display of extension information on the configuration page

v1.3.2 - Aug 31, 2022

  • Added support of Magento 2.4.5 version

v1.3.1 - May 11, 2022

  • Fixed extension installation error related to invalid db_schema.xml

v1.3.0 - May 02, 2022

  • Added support of Magento 2.4.4 version
  • Discontinued support of Magento 2.2.x
  • Migrated install/upgrade scripts to declarative schema

v1.2.5 - Oct 25, 2021

  • Updated the Iptocountry base
  • Minor changes and improvements

v1.2.4 - Mar 30, 2021

  • Minor changes and improvements

v1.2.3 - Dec 21, 2020

  • Minor changes and improvements
  • Resolved an issue of identifying a user's IP address if a site uses Cloudflare CDN

v1.2.2 - Jul 30, 2020

  • Added integration with Cookie Consent extension.

v1.2.1 - Jul 14, 2020

  • Minor changes and improvements

v1.2.0 - Jul 07, 2020

  • Discontinued support of Magento 2.1.x
  • Added integration with Cookie Consent module.
  • Changed API URL format
  • Fixed 500 Internal Server Error when using GeoIP API

v1.1.3 - Dec 13, 2019

  • Added support for CCPA
  • Minor fixes in the design of the backend

v1.1.2 - Oct 04, 2019

  • Updated code to be in line with the latest Magento coding standards (EQP3)

v1.1.1 - Apr 03, 2019

  • Minor improvments

v1.1.0 - Nov 21, 2018

  • Added the support of service priority selection via code and API
  • Improved support of IpApi.com (previously called Nekudo)
  • Optimized Maxmind performance

v1.0.0 - Sep 20, 2018

  • Created GeoIP Lookup for Magento 2