Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
MaxSite CMS is a free, open-source content management system built in PHP, designed as a lightweight alternative to WordPress. It runs on any standard web hosting with PHP and MySQL support. As a self-hosted CMS, all data remains on the server controlled by the website owner. MaxSite CMS uses session cookies for administration and does not send data to external services by default. It includes the Albireo framework, CSS utilities, and landing page tools. Privacy impact depends entirely on the plugins and third-party services the website owner chooses to integrate.
MaxSite CMS is a free, open-source content management system developed in PHP. Positioned as a modern and lightweight alternative to WordPress, it is designed to run on any standard web hosting environment with PHP and MySQL support without creating excessive server load.
MaxSite CMS is a self-hosted solution, meaning all website files, databases, and content are stored on the server chosen and controlled by the website owner. The CMS provides a template system for building websites, an integrated Albireo framework for rapid development, CSS utility classes, and tools for creating landing pages. It includes free HTML courses and documentation to help users get started.
The CMS processes all requests server-side using PHP. Content is stored in a MySQL database, and the administration panel is protected by session-based authentication. Unlike cloud-hosted CMS platforms, MaxSite CMS does not communicate with external servers for core functionality.
By default, MaxSite CMS uses PHP session cookies for administrator authentication. These are strictly necessary cookies that expire when the browser session ends. The core CMS does not set analytics or tracking cookies. However, website owners may install plugins or embed third-party scripts that introduce additional cookies and tracking capabilities.
As a self-hosted CMS, MaxSite CMS gives website owners full control over data processing. No personal data is transmitted to the CMS developer or any third party by default. The website owner acts as the data controller and is responsible for ensuring GDPR compliance based on how they configure and extend the CMS.
The session cookies used for administration qualify as strictly necessary under the ePrivacy Directive and do not require consent. Any additional data processing introduced through plugins, themes, or embedded content must be assessed separately for GDPR compliance.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Since MaxSite CMS is self-hosted, data remains on the server infrastructure chosen by the website owner. There are no inherent cross-border data transfers. Website owners should select hosting providers that align with their GDPR obligations, particularly regarding server location and data processing agreements.
Websites using MaxSite CMS must obtain user consent under GDPR regulations.
DPIA considerations
MaxSite CMS is self-hosted, so all data processing occurs on infrastructure controlled by the website owner. The core CMS does not transmit data to third parties. A DPIA should focus on any third-party plugins, themes, or external services integrated by the site owner, as these may introduce additional data processing. Session cookies used for admin authentication are strictly necessary and low risk.
Sample consent text
This website is powered by MaxSite CMS. The CMS uses essential session cookies for site administration. These cookies are strictly necessary for the website to function and do not track your activity. Any additional cookies from third-party services integrated into this site will be disclosed separately.
This service may collect user data. Ensure GDPR compliance with FlowConsent.
MaxSite CMS is a free, open-source content management system built in PHP. It is designed as a lightweight alternative to WordPress that runs on standard hosting with PHP and MySQL support.
The core CMS uses PHP session cookies for administrator authentication. These are strictly necessary cookies that expire when the browser session ends. No analytics or tracking cookies are set by default.
As a self-hosted CMS, MaxSite CMS gives website owners full control over data processing. The core system does not transmit data to third parties. GDPR compliance depends on how the site owner configures the CMS and which plugins or external services are integrated.
All data is stored on the server infrastructure chosen by the website owner. There are no inherent cross-border data transfers since the CMS is entirely self-hosted.
Session cookies used for administration are strictly necessary under the ePrivacy Directive and do not require consent. Consent is only needed if the website owner adds third-party plugins or services that set non-essential cookies.
Yes. MaxSite CMS is designed as a lightweight PHP alternative to WordPress. It offers similar content management capabilities with a focus on speed, simplicity, and low server resource usage.
No. The core CMS does not communicate with external servers for its functionality. All processing happens locally on the hosting server. External connections only occur if the site owner integrates third-party services.
MaxSite CMS is built on PHP with MySQL database support. It includes the Albireo framework for rapid development, CSS utility classes, and landing page creation tools. It runs on any standard LAMP or LEMP hosting stack.