The solution for GDPR compliance + more. Get your cookie banner, privacy policy, terms and conditions and handle cookie consent in just one plugin.
The iubenda plugin is an all-in-one, extremely easy to use 360° compliance solution, with text crafted by actual lawyers, that quickly scans your site and auto-configures to match your specific setup. It supports the GDPR (DSGVO, RGPD), UK-GDPR, ePrivacy, LGPD, CPRA / CCPA, CalOPPA, PECR and more, and seamlessly integrates with the latest versions of Google Consent Mode and IAB’s TCF.
It allows you to:
And of course, basic set-up is completely free.
This all-in-one plugin lets you integrate all iubenda compliance solutions in a single install and basic set-up is completely free.
⚡️ The plugin scans your site and auto-configures everything based on your site’s specific needs.
⭐ All our solutions are fully responsive (perfect for all screen sizes) and WCAG Level AAA Compliant.
They’re auto-updated when the law changes so that they’re always up-to-date and our built-in site scanner runs periodic scans on your site and alerts you if it detects something that should be added to your compliance documents.
Our solutions support the GDPR (DSGVO, RGPD), UK-GDPR, ePrivacy, LGPD, CCPA / CPRA, VCDPA, CalOPPA, PECR and more.
Includes cookie banner/CCPA notice, and cookie consent management (blocking scripts until consent is collected as legally required). Free basic setup and full CCPA support.
This solution lets you generate professional privacy and cookie policies in minutes.
Collect consent, document opt-ins and opt-outs via your web forms. This solution smoothly integrates with your consent collection forms to auto-create legally required GDPR and LGPD consent records.
About Legal requirements and Consent Records
These records should include a userid, timestamp, consent proof, record of the consenting action, and the legal documents available to the user at the time of consent, among other things.
This plugin is THE most complete solution for recording, sorting and maintaining GDPR & LGPD records of consent for optimal privacy compliance.
The plugin also boasts built-in compatibility with WordPress comment form, Contact Form 7, Elementor forms and WP Forms plugins for your convenience, but can be manually integrated with any type of web-form and can even store consent proofs for consents collected offline (e.g in-store sign-ups) via WP media upload.
Create your terms and conditions in minutes.
Customizable from hundreds of combinations, available in 10 languages, powerful and precise — our solution is capable of handling even the most complex, individual scenarios. Optimized for e-commerce, marketplace, SaaS, apps and more.
The iubenda plugin makes use of two iubenda services:
We help companies all over the world to keep their websites and apps compliant with international privacy laws for optimal peace of mind. More here.
Our services are currently available in the following languages:
All our solutions and plugins are regularly updated and well maintained to ensure that you’re always protected.
You can access our friendly support in multiple languages (currently EN, IT, DE, FR, PT, PT-BR) via [email protected], our onsite chat(just click the green Help button on the right side of the page).
Other links:
Scan and Automate your website's legal requirements
Easily customize your cookie banner & consent settings to suit your branding and needs
Cookie banner? Yes, but not only. Meet all the privacy compliance requirements
If you're already one of 1 M+ iubenda users you can integrate all solutions with WordPress in minutes
Capture, store and manage GDPR & LGPD consent records for your webforms
Auto-detects and blocks all the most common trackers prior to consent
If you are experiencing troubles updating to the latest version, please ensure that your cookie banner is correctly activated and configured, and you’ve cleaned up you WordPress cache. In case of emergency, you can safely rollback to the previous version by using WP Rollback.
Our extensive documentation makes it easy for you to learn all you need to know about compliance and how to use iubenda’s products on your site or app. You can access it here. You can also visit our support forum here.
A good rule of thumb is to always comply with the laws of the region where you are based as well as the region or country in which the users you target are based.
📌 However, for an even easier, more specific way to tell which laws apply to you, you can simply take this 1-minute quiz.
If you’re based in the European Union – including the UK – or target EU users, and your website uses cookies or trackers (which it most likely does), then, yes, you do need a cookie notice.
A privacy policy is a legal requirement almost everywhere in the world. You need it because under most countries’ laws, you’re legally required to inform your users about the data you’re collecting and how you’re processing them.
Find out what should be in a privacy policy here.
While Terms and conditions aren’t always legally mandatory, they’re always recommended. They help you protect you and your business from legal liabilities.
However, please note that if you run an e-commerce, then you’ll most likely need terms and conditions, as they usually contain legally mandatory information related to commerce.
GDPR stands for General Data Protection Regulation (Regulation (EU) 2016/679). The GDPR specifies how personal data should be lawfully processed (including how it’s collected, used, protected or interacted with in general).
While it was still an EU member state, the UK was very instrumental in the creation of the GDPR and therefore, Post-Brexit, has adopted the UK-GDPR – which currently is essentially the same as the European GDPR.
DSGVO & RGPD are, respectively, the German and Spanish translations of the English acronym of the General Data Protection Regulation (GDPR).
Learn more about the GDPR here.
In effect since 2002, the ePrivacy Directive (Cookie Law) was created to put guidelines in place for electronic privacy, including email marketing and cookie usage.
Under the Cookie law, organizations that target users from the EU must inform users about data collection activities and give them the option to choose whether it’s allowed or not.
This means that if your site/app (or any third-party service used by your site/app) uses cookies or similar technologies, you must first obtain valid consent prior to the installation of those cookies, except where they fall into the exempt category.
In practice, you’ll need to:
You can learn more about how the ePrivacy and GDPR interact in regards to cookies and trackers here.
The Privacy and Electronic Communications Regulations 2003 (PECR) is the UK’s implementation of the EU’s ePrivacy directive and set’s out rules for electronic privacy
California’s most well known Privacy Laws are some of the most robust in the United States. They are both relevant to you if you likely have users that are based in the state of California.
California Online Privacy Protection Act (CalOPPA) – since 2002
Law requires commercial websites and services to have a privacy policy.
The document:
California Consumer Protection Act (CCPA)
*Note that in the case of minors, they are granted the right to Opt-in. *More about the CCPA here.
The Brazilian General Data Protection Law, the Lei Geral de Proteção de Dados Pessoais, (LGPD) can be considered as Brazil’s answer to the GDPR – with the Brazilian law aligning with the EU Regulation in many ways, while differing in others. You can learn more about it here.