Log in or create an account
If you have an account with us, please log in.

You have no items in your shopping cart.

GDPR for Magento 2

Magento 2 GDPR extension is designed to help online stores comply with the latest legislative EU requirements and strengthen the data security and privacy. Make sure that your business gets as many customers' consents as possible to be ahead of competition!
  1. Collect users consents on the registration, checkout and contact us pages
  2. Ask users for privacy consents in the newsletter subscription form
  3. Let customers download and anonymise their personal data
  4. Receive customers deletion requests and manage them in one place
  5. Notify customers about all operations with their personal data
  6. Create, update and delete privacy policy documents in one place
View Extension Demos
See User Guide
Provide the best experience for customer from different countries and groups:
GDPR for Magento 2


Magento 2 GDPR is designed to strengthen the data security and privacy in your online store: ask users for privacy consents, allow customers to download, anonymise and delete their personal data, change your data protection policy and ask customers to agree with the new terms.


Avoid penalties for breaching GDPR by observing users civil rights
Increase customers’ loyalty and confidence by protecting their data
Collect and process customers data in a transparent and efficient way


Apply cookie policy bar to make users give their privacy consents

Get users privacy consents from the registration page

Ask users for privacy consents while making orders and payments

Add privacy consent checkbox on contact us page

Ask users to tap privacy checkbox while subscribing to the newsletter


Ensure online privacy by providing users with cookie usage control

With the all-in-one solution, you get additional functionality of Magento 2 Cookie Consent to cover all requirements of the EU legislation concerning cookie usage. Let customers control their cookie usage and thus avoid fines for breaking the law.

Increase customers confidence by protecting their personal data

GDPR EU implies changes in the way users interact with their personal data on the web. In particular, store customers must have the ability to download their personal information, anonymise it, or delete all personal data.


Notify customers about the updated privacy policy

Inform customers about the account anonymisation

Let your store admin know about new personal data deletion requests

Notify customers about the account deletion

Inform customers about the reasons why the account wasn’t deleted


Manage privacy policy documents and consents on a handy grid

Magento 2 GDPR helps you to get under control all GDPR-related activities in your store. In particular, the extension allows you to manage all customers with and without consents, monitor cookie policy consents and related action logs, and track all privacy policy documents versions.


Easily configure a cookie policy bar according to your preferences: choose its location on the page, background color, buttons color, buttons text color, main text color, and links color. Get more consents from visitors with a unique cookie policy bar!

gdpr for magento 2

Expert Opinion
What Experts Say?
Failing to comply with GDPR can come with some very steep consequences. If a data breach occurs because of non-compliance, a company can be hit with fines as high as €20 million or 4% of the company’s annual global revenue, whichever amount is greater.
Angela Petteys // TRAFFIC Digital Agency
Deep experience in SEO/SEM, Paid Search, Website Design and Social Media Management

More Features for Magento 2 GDPR

  • Display the privacy policy consent checkbox only for EEA countries
  • Not display the privacy policy consent checkbox until the current policy will be updated
  • Manage all existing cron tasks on a handy Cron Tasks List grid in the backend
  • Create a mailing list to send privacy policy updates
  • Let customer revoke a consent
  • Specify which cookie files won't be used for customers
  • Detect customer location via GeoIP, with IPv6 support
  • Restrict access to a website until a customer gives a consent to the cookie policy
  • Track customer consents email queue in a handy grid
  • Export list of customers by given consents
  • Upload the latest Geo IP Database
magento 2 google page speed optimizer

Save $99 and get fully compliant with both GDPR and EU Cookie Law with the included Magento 2 Cookie Consent extension.

Magento 2 GDPR: fast answers to troubling questions

What GDPR means?

GDPR is the result of the EU’s data protection reform. It’s a new regulation that is aimed to enable a set of information protection standards in order to (a) clear up how EU residents’ personal data is utilized by international businesses and (b) make them protected from privacy and data breaches.

Why does the GDPR exist and when does it come into force?

In far 2012, there were outlined plans for data protection reform. Later they were approved by the EU parliament, and the regulation, as we see it today, entered into force in May 2018. Now the law affects any e-commerce business even outside the EU.

What types of privacy data does the GDPR protect?

In simple terms, the law is developed to prevent the possibility to single out, contact, locate a person through their data.

Thus, you can’t collect/process users’:

  • race and ethnicity;
  • political, religious, philosophical beliefs, union membership;
  • medical diagnosis, the provision of treatment, sex life and sexual orientation;
  • any users’ genetic or biometric data.

What does GDPR compliance mean for e-commerce businesses?

To keep your Magento 2 GDPR-compliant, you need to:

  • define your role;
  • give your site visitors a clear notion of their data collection, if any;
  • make sure they know their personal data can be processed, anonymized or deleted on the consent/request;
  • respect their right to correct the personal data.

Find more information on how to devise Magento GDPR strategy.

Magento and GDPR

On top of the preparations, Magento called e-store owners to review some areas of their business. This particularly applies to plugins that gather or/and process such data. In our turn, we upgraded all our extensions that have something to do with it and released our GDPR modules. These extensions are aimed to solve the main challenges posed by the new regulations.

Product questions

What the Accept Cookies popup is for and what data is being collected?

Cookies Policy acceptance is just a notification to the customer that the cookies are collected. Read the full answer to get more information.

Is Amasty GDPR extension compatible with PayPal?

Yes, our GDPR extension is fully compatible with PayPal payment method.  Follow the link below to get more information. 

How to create a customer account without consent to Privacy Policy?

All new customers must accept Privacy Policy terms since this field is required. Read the full answer to get the detailed explanation.

Reasons to choose

Other Features

  • 100% Open Source — Easy To Customize
  • Follows Magento Code Architecture
  • Separated HTML/CSS/JS
  • Simple installation via Composer
* The name "Magento" and the logo are the trademarks of Magento, Inc.
Simple installation and easy to use
Installed swiftly by Amasty and easy to use and edit with handy tips. Support was great and very helpful and informative.
Dean Gorton
Good but needs more design options
I liked this product, managed to install myself. The only problem was with a cookies bar. It was located only down all in black and white. My customers are old people they can’t concentrate too good, so oftentimes they missed that bar and got angry that couldn’t go forward to the checkout. It would be nice if they made possible customizing the bar colors and size.
One of best buys
When they started that GDPR policy I thought we wouldn’t meet it. We fought much to make it work. Now customers have no chance to escape info about how we use their data. We activated the privacy policy bar at every place settings allow. We had an issue with email texts, it was only possible to send in english. But many of my customers are of Indian descent, so they only use very simple english if any. But a couple of days ago this was fixed now all works fine.
Looks like the developers got consultation from a lawyer
I must admit the module itself and support crew indeed has a focus on real business users like me, who need to comply with all aspects of this, let's say, cumbersome privacy-related stuff
Tony Matthews

Write Your Own Review

You're reviewing: GDPR for Magento 2

You can always download the recent version free of charge from your account

Installing an upgrade is easy — check now

My Downloads
Version 1.6.1
Last Update: Jul 04, 2019
  • unit tests were added to the Geo IP Data module
  • we added the field with allowed URLs for the feature that disallows customer interaction with the website before accepting the cookie policy. Thus some pages could be accessible by customers
  • the code of the Geo IP Data module was refactored
  • we enhanced the compatibility with the third-party extensions
Version 1.5.6
Last Update: Jun 11, 2019
  • introducing a Cookie Management page. Now a user is able to activate or deactivate certain cookie groups. Admin is able to create new groups for cookies.
  • added setting to enable/disable extension
  • the Privacy Police checkbox validation process was enhanced, solving possible issues on the checkout page
  • IPv6 support was added to Geo IP detection.
  • the possibility to upload the latest Geo IP Database was added
  • consent validation at the checkout page was improved. Possible issues on the payment step were resolved
  • the compatibility of Geo IP Data module with Magento 2.1.x was enhanced
  • the issue with text color of Cookie Policy Bar affected to other text in Magento was resolved
  • the issue with Privacy Policy text for different store views after cloning an existing policy was resolved
  • the issue with changing the status of privacy policy was resolved
  • the issue with clicking on the privacy policy checkbox label without checking the checkbox was resolved
  • the issue with the translation of the privacy policy popup button text was resolved
  • the issue with the translation of the checkout page Privacy Policy checkbox title was resolved
  • error on the policy grid was fixed
Version 1.4.8
Last Update: Feb 05, 2019
  • now it is possible to create a link to the Privacy Policy via the 'Amasty Privacy Policy' widget.
  • we have added Ajax to the allowing/disallowing cookies. No page reload will happen after action with cookies.
  • introducing the cookie policy consents grid. When a customer allows, disallows or revokes cookie policy, the action is recorded to the grid with all accompanying data
  • the translation of the Current Password label was added
  • the privacy policy popup load process was improved reducing the total page size
  • the inline edit was added to the privacy policy grid.
  • the extension's cooperation with Full Page Cache was improved
  • the compatibility with Magento 2.1.9 Enterprise was enhanced. The error while opening the privacy policy grid in the admin panel was fixed.
  • the issue with two checkboxes at the Contact Us page was resolved
  • the issue with deletion of account if the DoB and the Gender are required fields was resolved
  • the issue with disabling all privacy policies was resolved
  • the issue with not including multiple addresses in a customer information file was resolved
  • the issue with sending the text of the privacy policy for the wrong store view in the customer consent request email was resolved
  • the "Element with ID 'amasty_gdpr_checkbox' already exists" issue on the contact page wile submission was resolved
  • the issue with wrong geolocation detection was resolved
  • the issue with the possible error on the Cookie Policy Consents page was resolved
Version 1.3.0
Last Update: Oct 19, 2018
  • the ability to revoke the cookie concent was added
  • the ability to restrict the access to the website until the cookie consent is given was added
  • the notification for an admin on the customer's personal data delete request was added
  • now the "customers with consent" grid contains more data: the website/store view, the place of the given consent and the IP address of the customer
  • the new privacy policy state "Draft" was added
  • the personal data anonymization process was improved for the Invoice/Shipment grids
  • the email on the privacy policy update was enhanced
Version 1.2.2
Last Update: Oct 17, 2018
  • now the list of EU countries is editable from the admin panel
  • now the cookie bar can be placed at the top of the screen
  • the ability to switch ON/OFF personal data anonymization, deletion and download actions for customers was added
  • The ability to show privacy Policy confirmation checkboxes on the "Contact Us" and "Newsletter Subscription" forms were added.
  • the ability to anonymize personal data of an order made by a guest was added
  • the process of saving a customer's consent was improved
  • now, when a customer accepts the actual version of the privacy policy, he will not be asked to accept it again until the new version of the policy will be released. The update reduces the number of actions for registered customers to purchase products as
  • the possibility to edit an active privacy policy was disabled
  • Now a privacy policy sample is created during the extension's installation process
  • the possible issues with not working consent checkbox on the checkout page were resolved
Version 1.1.7
Last Update: Sep 03, 2018
  • the ability to adjust the cookie policy bar style was added
  • the ability to manage the cookie policy bar was added
  • the ability to disallow optional cookies was added
  • the ability to anonymize the 3rd party extension customer attributes was added
  • now, a customer can download, anonymize or delete its personal data only after entering the password
  • the notification for a customer when an account has been deleted was improved
  • the stability enhancement was implemented
  • the extension settings was slightly improved
  • the stability enhancement was implemented
  • the compatibility with the 3rd party checkout extensions was improved
  • the issue with the email language was resolved
  • the issue with the customer login URL in the consent emails was resolved
  • the possibility of appearing JS errors was resolved
  • the issue with cookie policy bar links was resolved
  • the issue with the page reload when clicking on the policy was fixed
Version 1.0.2
Last Update: Jul 05, 2018
  • the location detection via GeoIP data was improved
  • the extension's translation file was enhanced
Back to top