Navigating the complex world of data privacy regulations like the GDPR (General Data Protection Regulation) for the European Union and the CCPA (California Consumer Privacy Act) for California can feel overwhelming for any website owner. The risk of severe fines and reputational damage makes compliance a non-negotiable priority. The GDPR & CCPA CMP for WordPress by createit-pl is a comprehensive, all-in-one toolkit designed to automate this process, ensuring your site meets both legal standards without requiring a legal degree. With over 9,300 sales, it stands as a trusted solution for turning a complex legal requirement into a simple, manageable task.
Key Features
- Dual-Regulation Compliance (GDPR & CCPA): Designed from the ground up to handle both the European GDPR and the California CCPA simultaneously. It addresses the specific requirements of each, including the “Right to be Forgotten,” data access requests, and the CCPA’s “Do Not Sell My Personal Information” mandate.
- Advanced Cookie Consent & Management: Features a sophisticated cookie consent banner with over 34 pre-built styles and 15+ cookie notice skins. It includes a powerful one-click cookie scanner that automatically detects every cookie on your site, whether first-party or third-party, and allows you to manage them from a central dashboard.
- Google Consent Mode v2 & TCF 2.2 Support: Fully integrates with Google Consent Mode v2 and the IAB Europe’s Transparency & Consent Framework (TCF) 2.2. This ensures that your Google Ads and Analytics tags dynamically respect user consent choices, a critical feature for maintaining ad revenue and accurate analytics.
- One-Click Cookie Scanner: This built-in tool quickly crawls your entire website to identify every cookie, script, and tracker used. It provides detailed information about each cookie—including type, purpose, and expiry—and automatically populates the cookie list for your users.
- Geolocation & Conditional Functionality: You can enable a geolocation service to detect if a visitor is from the EU or California. This allows you to hide the cookie banner or GDPR functionalities for users outside these jurisdictions, preventing unnecessary friction for international visitors.
- Multi-Language & Professional Translation: The plugin includes professionally human-translated versions in 17+ languages (including German, French, Spanish, Russian, Polish, and Dutch) for both the user interface and the TCF modal, crucial for global audiences.
- Comprehensive Subject Rights Forms: Built-in, easy-to-use forms allow users to access their personal data, request deletion (Right to be Forgotten), rectify incorrect data, and unsubscribe from data processing. Administrators receive email notifications for these requests.
- Extensive Plugin & Theme Compatibility: Tested and compatible with a vast ecosystem of popular tools, including WooCommerce, Contact Form 7, Gravity Forms, BuddyPress, Divi, Avada, Facebook Pixel, WPML, and Polylang.
Who Is This For? Use Cases
The GDPR & CCPA CMP for WordPress is built for anyone running a WordPress website that has visitors or customers from the European Union or California. It eliminates the guesswork from legal compliance, making it suitable for a wide range of users.
Small Business Owners & Solopreneurs
For a local bakery in Berlin or a freelance consultant in Paris serving EU clients, the cost and complexity of legal compliance are daunting. This plugin offers a hands-off solution. You can install it, run the automated cookie scan, and have a compliant cookie banner and privacy policy system running in under an hour, for a single, affordable price of $24. This saves you thousands in potential legal fees and fines.
E-commerce Store Operators
If you run a WooCommerce or Easy Digital Downloads store that ships to multiple countries, you need airtight compliance. This plugin integrates directly with your checkout, adding consent checkboxes and ensuring your store handles user data requests correctly. Its compatibility with Google Consent Mode v2 is particularly critical for e-commerce stores that rely on Google Ads and conversion tracking, as it ensures your ad pixel only fires with user consent.
Digital Agencies & Web Developers
For professionals managing multiple client sites, this plugin is a scalable efficiency tool. You can use it to quickly make any client site compliant. The geolocation feature is a huge bonus, allowing you to tailor the experience for a client who operates in both the US and the EU. The robust support and regular updates from createit-pl provide the reliability agencies need to recommend a solution with confidence.
Bloggers & Content Creators with an EU Audience
A travel blogger in New York whose content is read by a large European audience must comply with GDPR. This plugin allows you to scan for cookies added by embedded YouTube videos, Facebook share buttons, and analytics scripts, then block them until consent is given. The clean, customizable design of the cookie box ensures it doesn’t detract from the aesthetics of your premium theme.
Technical Details & Compatibility
This plugin is built for modern WordPress environments and is rigorously maintained by createit-pl. The extensive changelog shows a pattern of more than 20 updates in the last two years, demonstrating active development and responsiveness to new regulations like Google Consent Mode v2 and TCF 2.2.
- Compatibility: Tested with WordPress up to version 6.7.2 and WooCommerce up to 9.6.x. It is also confirmed compatible with PHP 8.x, ensuring it runs smoothly on modern hosting stacks.
- Key Integrations: Works out-of-the-box with major page builders (WPBakery, BeaverBuilder, SiteOrigin), caching plugins (WP Rocket), security plugins (Wordfence), and form builders (Gravity Forms, Contact Form 7, Ninja Forms).
- Last Update: The most recent feature update (version 5.4) was released in February 2026, adding Google Tag Gateway compatibility. This frequent update cycle ensures the plugin remains compatible with the latest laws and WordPress core changes.
- Browser Support: Fully functional across all modern browsers including Chrome, Firefox, Safari, and Edge, with specific bug fixes in the changelog for mobile and iOS devices.
Pros and Cons
Pros
- Truly All-in-One: Covers everything from cookie scanning to managing user data access requests. You don’t need multiple plugins for GDPR and CCPA.
- Proven Track Record: With over 9,311 sales, it is one of the most popular and trusted GDPR solutions in the Envato marketplace.
- Future-Proof Compliance: Strong support for the latest regulations like Google Consent Mode v2 and TCF 2.2 ensures your site remains compliant as standards evolve.
- Excellent Value: At $24.00 with a single license, it is significantly more affordable than many competing subscription-based compliance services.
- Active Development & Support: Frequent updates from createit-pl with a clear changelog show a commitment to maintaining the plugin’s relevance and security.
Cons
- Not a Legal Substitute: As the developer explicitly states, this plugin is a tool to help you comply, not a replacement for professional legal advice. You must still review your privacy policies.
- Can Be Feature-Heavy: For a simple blog, the sheer number of settings and features might feel overwhelming. Some basic cookie consent plugins have a simpler, more straightforward interface.
- Bundled Plugin Dependencies: The plugin includes a bundled version of Advanced Custom Fields (ACF) Pro. While this is usually seamless, conflicts with existing ACF installations have been reported (and fixed) in older versions.
Frequently Asked Questions
Is this plugin compatible with Google Consent Mode v2?
Yes, absolutely. The changelog explicitly documents the addition of Google Consent Mode v2 support in version 5.3 (March 2024) and has been further refined in subsequent updates. The plugin integrates with Google Tag Manager (GTM) to update the `window.dataLayer` based on user consent changes, ensuring your Google Ads and Analytics tags behave in compliance with the new regulation.
Does the plugin support multi-language websites, including WPML or Polylang?
Yes, the plugin offers excellent multilingual support. It includes professionally translated versions of its user-facing modals and labels in over 17 languages. Furthermore, version 5.3.2 added dedicated WPML support for the TCF modal, and it has long-standing compatibility with Polylang, allowing you to manage cookie consent seamlessly across your translated site.
Can I hide the cookie consent banner for visitors from non-EU countries?
Yes. The plugin has a built-in geolocation feature that uses a regularly updated IP database. You can easily enable the option to check if a user is from the European Union or California (for CCPA). With a single click, you can hide the entire plugin interface (cookie banners and consent forms) from users outside these specific jurisdictions, creating a frictionless experience for the rest of your audience.
Final Verdict
The GDPR & CCPA CMP for WordPress by createit-pl is more than just a cookie banner plugin; it is a comprehensive data privacy management system. Its strength lies in its ability to handle the entire compliance lifecycle—from the initial cookie scan and consent collection to managing individual data subject rights—all from your WordPress dashboard. With over 9,300 sales and a consistent update history that keeps pace with major regulatory shifts like Google Consent Mode v2 and TCF 2.2, it has earned its place as a top-tier solution. Priced affordably at $24, it offers immense value, especially when weighed against the potential costs of non-compliance. For any serious website operator needing to navigate the complexities of GDPR and CCPA without the headache, this plugin is an indispensable investment.
