Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Complianz is a Consent Management Platform (CMP) for WordPress, developed by Really Simple Plugins B.V. in the Netherlands. It scans cookies on your website, generates cookie policies and privacy statements, displays a consent banner, and stores consent records to demonstrate GDPR and ePrivacy compliance. Unlike tracking services, Complianz itself does not collect behavioural data and transfers no data outside the EU.
Complianz is a leading Consent Management Platform for WordPress, developed by Really Simple Plugins B.V. in the Netherlands. With over 800,000 active installations it is the most widely used European built CMP in the WordPress ecosystem. Complianz combines a cookie scanner, geographically aware consent banner, document generator (privacy policy, cookie policy, disclaimer) and detailed consent logging in a single plugin.
Complianz runs as a WordPress plugin and provides three layers: (1) a regulation aware banner that adapts to the visitor''s region using a built in geo IP service (GDPR for the EU, LSSI for Spain, TDDDG for Germany, CCPA for California, LGPD for Brazil, etc.), (2) a configurable cookie scanner that detects scripts, cookies and tags placed on your site, and (3) a record of consent compatible with Article 7(1) GDPR and the Italian Garante guidelines.
Complianz stores the visitor''s consent decision in two first party cookies: cmplz_consent_status (recording the granular choices) and cmplz_marketing (whether marketing cookies were accepted). It also stores an entry in the WordPress database for the proof of consent, including timestamp, IP truncated to /24, user agent and selected categories. No third party tracker is loaded by the plugin itself.
The CMP itself is considered strictly necessary technology under Recital 30 of the ePrivacy Directive and benefits from the consent exemption of Art. 5(3). Complianz can be configured to comply with the strictest national implementations: explicit opt in with equal weight for accept and reject, granular categories, easy withdrawal, no pre ticked boxes, and full revocation via a privacy preferences icon. It supports Google Consent Mode v2, IAB TCF 2.2 and a built in A/B test mode.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
No prior consent is required to load Complianz itself, as it is necessary for legal compliance. However, the CMP must be configured to block all non essential scripts before consent is given. In Complianz this is done via the integrated script center and the categorise option that wraps third party tags in conditional placeholders.
Complianz is installed on your own WordPress server and stores all consent logs in your own database. The optional Complianz Hub (for centralised statistics) and the geo IP lookup are operated by Really Simple Plugins B.V. from the Netherlands. No personal data is transferred outside the European Union.
Run the cookie scanner to inventory all tags. Categorise scripts as functional, statistics, marketing or preferences. Configure the banner with equally weighted accept and reject buttons and a granular preference panel. Enable consent logging for proof. Connect Complianz to Google Consent Mode v2 if you use Google services. Document the CMP in your records of processing and your privacy policy. Re run the scanner monthly or after every theme/plugin change.
Websites using Complianz must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is generally not required for Complianz itself, as it is a privacy enhancing technology used to comply with consent obligations. The plugin processes only the minimum data needed for consent collection and logging.
Sample consent text
This website uses Complianz, a Dutch Consent Management Platform, to record your cookie and consent preferences. The plugin stores a local cookie containing your consent choices. No personal data is transferred outside the European Union.
Third-party domains contacted
api.complianz.iocomplianz.iocookiedatabase.orgreallysimpleplugins.comcomplianz.iocmplz-cdn.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| cmplz_consent | Strictly Necessary | 1 year | Stores the visitor consent choices per category (functional, statistics, marketing, preferences). Set on the operator domain after the visitor interacts with the consent banner. |
| cmplz_consent_status | First party (Complianz) | 365 days | Stores the granular consent decision of the visitor (functional, statistics, marketing, preferences). |
| cmplz_marketing | First party (Complianz) | 365 days | Indicates whether marketing cookies have been accepted. |
| cmplz_id | Strictly Necessary | 1 year | Stores a unique anonymous identifier to link consent choices to a consent record. Used to provide proof of consent as required by GDPR Art. 7(1). |
| cmplz_consent_status | Strictly Necessary | 1 year | Records whether the visitor has actively interacted with the banner or dismissed it without making a choice. Prevents the banner from reappearing unnecessarily. |
| cmplz_policy_id | First party (Complianz) | 365 days | References the active cookie policy version against which consent was recorded. |
| cmplz_id | First party (Complianz) | 365 days | Anonymous identifier used only when the A/B test mode is enabled. |
| cmplz_policy_id | Strictly Necessary | 1 year | Stores the version identifier of the cookie policy the visitor accepted. If the policy is updated significantly, this triggers a new consent request on the next visit. |
| cmplz_banner-status | First party (Complianz) | 365 days | Records whether the consent banner has been dismissed by the visitor. |
Complianz is an essential service, but transparency matters. Manage all your consent with FlowConsent.
Complianz is a Consent Management Platform (CMP) plugin for WordPress. It helps website operators comply with the GDPR, ePrivacy Directive, CCPA, and other privacy regulations by automatically scanning cookies on the site, displaying a customisable consent banner, blocking third-party scripts until consent is given, storing consent records as proof of compliance, and generating cookie policies and privacy statements. With over one million active installations, it is one of the most widely used consent management solutions in the WordPress ecosystem.
Complianz stores two first party cookies: cmplz_consent_status (containing the granular consent choices, valid 365 days) and cmplz_marketing (recording whether marketing was accepted, 365 days). Optional A/B test mode adds a third cookie cmplz_id. No third party cookies are loaded by the plugin itself.
No. The cookies that Complianz sets (cmplz_consent, cmplz_id, and related cmplz_* cookies) are strictly necessary for the functioning of the consent mechanism itself. Under the ePrivacy Directive, cookies that are technically required to implement a user choice are exempt from prior consent requirements. Visitors do not need to consent to Complianz cookies before the banner is shown, as these cookies exist solely to store and apply the consent decision the visitor is about to make.
No. A Consent Management Platform is considered strictly necessary under Recital 30 of the ePrivacy Directive, since it is the technology required to collect the consent itself. Complianz can therefore be loaded before any consent has been given, and it must block all non essential scripts until the visitor decides.
Complianz sets several first-party cookies, all stored on the operator domain: cmplz_consent (1 year) stores the visitor consent choices per category (functional, statistics, marketing); cmplz_id (1 year) stores a unique anonymous identifier to link consent records; cmplz_consent_status (1 year) records whether the visitor has actively interacted with the banner or dismissed it; and cmplz_policy_id (1 year) stores the version of the cookie policy the visitor accepted, allowing consent to be re-requested if the policy changes significantly.
Complianz processes consent records to fulfil legal obligations (Art. 6(1)(c) GDPR, in combination with Art. 7(1) GDPR which requires the controller to demonstrate consent). The geo IP lookup operated by Really Simple Plugins relies on legitimate interest to display the correct regulation.
Yes. Complianz is designed specifically to help operators achieve and demonstrate GDPR compliance. It is developed by a Dutch company (Really Simple Plugins B.V.) subject to EU law, stores all data in the EU, acts as a data processor under a Data Processing Agreement, and provides the consent records required by GDPR Art. 7(1) to demonstrate valid consent. Using Complianz does not guarantee full GDPR compliance for your site, as compliance also depends on how you configure and use the other services Complianz manages.
No. Complianz is installed on your WordPress server and the optional cloud services (Complianz Hub, geo IP lookup) are operated by Really Simple Plugins B.V. from the Netherlands. There is no transfer to the United States.
By default, Complianz stores consent records in your WordPress database on your own server. No data is sent to Complianz or any third party in this default configuration. Optionally, operators with a Complianz Premium subscription can enable cloud-based consent record storage on Complianz servers located in the Netherlands (EU). In either case, no consent data is transferred outside the European Union. Records include the visitor IP address (or a hashed version), timestamp, banner version, and consent choices per category.
A DPIA is not required for Complianz itself. The plugin is a compliance enabling technology that processes only the minimum data needed to demonstrate consent. It actually reduces risk for the controller.
Yes. Complianz supports multiple privacy regulations through geo-targeting. It can detect the visitor location and display a regulation-specific banner: a GDPR consent banner for EU visitors, a CCPA opt-out notice for California visitors, and customised notices for other regions (Brazil LGPD, Canada PIPEDA, etc.). Each regulation requires a different compliance approach, and Complianz handles the logic automatically based on the visitor IP. Premium users can customise banners and flows for each region independently.
Run the cookie scanner, categorise every detected script, enable consent logging, configure the banner with equally weighted accept and reject buttons, link Google Consent Mode v2 if you use Google services, and display the persistent privacy preferences icon. Re scan monthly.
Other CMPs include Axeptio (France), Didomi (France), CookieFirst (Netherlands), CookieHub (Iceland), Klaro (Germany, open source), Usercentrics (Germany) and OneTrust (US). For WordPress, the closest alternatives are CookieYes and Cookiebot.
The main difference is the deployment model. Complianz is a self-hosted WordPress plugin: all data stays on your server and no data is sent to a third-party CMP platform by default. Cookiebot and OneTrust are SaaS CMPs: consent records and banner configuration are managed on their cloud platforms, which involves a data transfer to their servers (located in the EU or US depending on the provider). Complianz is generally more privacy-friendly by default and less expensive, but offers fewer enterprise features than OneTrust. Cookiebot and OneTrust are platform-agnostic and do not require WordPress.
A full Data Protection Impact Assessment (DPIA) is generally not required for Complianz alone, as the processing it performs is low-risk: it stores consent records in the EU, has no advertising purpose, and does not profile users. However, operators should document the processing of consent records (including IP addresses) in their Record of Processing Activities (RoPA) as required by GDPR Art. 30. A DPIA may become relevant if consent records are combined with other high-risk processing, or if the Complianz Statistics add-on is used at large scale.
Complianz generates the cookie policy dynamically from the scanner results. Schedule a monthly scan and review the generated policy after every theme, plugin or analytics change. Publish the updated policy version date and notify users of any material change.