Title: Privacy &amp; Consent Assistant
Author: Alex
Published: <strong>June 7, 2018</strong>
Last modified: July 7, 2026

---

Search plugins

![](https://ps.w.org/privacy-consent-assistant/assets/banner-772x250.png?rev=1889174)

![](https://ps.w.org/privacy-consent-assistant/assets/icon-256x256.png?rev=1889174)

# Privacy & Consent Assistant

 By [Alex](https://profiles.wordpress.org/alexdemchak/)

[Download](https://downloads.wordpress.org/plugin/privacy-consent-assistant.1.7.0.zip)

 * [Details](https://wordpress.org/plugins/privacy-consent-assistant/#description)
 * [Reviews](https://wordpress.org/plugins/privacy-consent-assistant/#reviews)
 *  [Installation](https://wordpress.org/plugins/privacy-consent-assistant/#installation)
 * [Development](https://wordpress.org/plugins/privacy-consent-assistant/#developers)

 [Support](https://wordpress.org/support/plugin/privacy-consent-assistant/)

## Description

This plugin provides an interface to assist with consent and privacy compliance.
It is not guaranteed to satisfy all clauses in the GDPR or any other legal requirements.
The policies included in this plugin should be reviewed by your legal team before
use.

## Screenshots

[[

## Installation

 1. Upload the unzipped plugin file to the `/wp-content/plugins/` directory, or install
    the plugin through the WordPress plugins screen directly.
 2. Activate the plugin through the ‘Plugins’ screen in WordPress
 3. It’s recommended to insert the Company information in the Privacy & Consent admin
    panel.

## Reviews

There are no reviews for this plugin.

## Contributors & Developers

“Privacy & Consent Assistant” is open source software. The following people have
contributed to this plugin.

Contributors

 *   [ Alex ](https://profiles.wordpress.org/alexdemchak/)

[Translate “Privacy & Consent Assistant” into your language.](https://translate.wordpress.org/projects/wp-plugins/privacy-consent-assistant)

### Interested in development?

[Browse the code](https://plugins.trac.wordpress.org/browser/privacy-consent-assistant/),
check out the [SVN repository](https://plugins.svn.wordpress.org/privacy-consent-assistant/),
or subscribe to the [development log](https://plugins.trac.wordpress.org/log/privacy-consent-assistant/)
by [RSS](https://plugins.trac.wordpress.org/log/privacy-consent-assistant/?limit=100&mode=stop_on_copy&format=rss).

## Changelog

#### 1.7.0

 * Added a signed in user exemption. Signed in visitors are now treated as having
   accepted: their scripts and embeds are never held and the consent bar stays hidden.
   A logged in user has an account and has agreed to your terms, and in practice
   is almost always an administrator. On by default, with a “Gate Signed In Users
   Too” option under Options > Advanced to turn it off and gate signed in users 
   the same as everyone else. Because logged in users bypass full page caches, leaving
   their scripts live never affects the anonymous cached page other visitors are
   served.

#### 1.6.0

 * Added Global Privacy Control support. When a visitor’s browser sends the Global
   Privacy Control signal (navigator.globalPrivacyControl), the consent bar now 
   shows with Decline pre-selected and a note that some features, like embedded 
   videos and maps, stay off until they choose Accept. Tracking stays blocked until
   the visitor confirms, and the choice is passed to Google Consent Mode v2 and 
   the Meta Pixel. Several US state privacy laws require honoring this signal. On
   by default, with an “Honor Global Privacy Control” option under Options > Advanced.
   Declines made while the signal is present are recorded in the Consent Log as “
   decline-gpc”.

#### 1.5.0

 * Added custom policies to plugin output. Any Policy you create beyond the four
   built-ins can now be included via a checkbox under Options > Custom Policies.
   An included policy joins the front-end subfooter links, gains a merge tag for
   the consent bar and form consent messages (shown next to its checkbox), and appears
   under Policy Pages where its source page can be set to the policy itself, a custom
   URL, or Do Not Use, the same as the built-ins.

#### 1.4.5

 * Fixed: embeds whose src contained a quote character (for example a Google Map
   for a business with an apostrophe in its name, like “Sid’s”) were mangled when
   held and restored. The attribute parser now matches the opening quote to its 
   real closing quote, so the other quote type inside the value no longer cuts the
   URL short. Also normalizes entity encoding so the restored src is not double 
   escaped.

#### 1.4.4

 * Added an optional, anonymized Consent Log. When enabled (off by default), each
   Accept or Decline is recorded with a random ID, the consent version shown, a 
   salted hash of the IP (never the raw IP), and a UTC timestamp. View, export to
   CSV, delete by ID, or clear it under the Consent Log tab. Records auto-delete
   after a configurable retention period. Visitors can fetch their own records via
   the random ID kept in their own cookie.

#### 1.4.0

 * Add output buffer script consent
 * Added a consent management link so visitors can change their choice anytime. 
   The subfooter now shows a “Cookie Settings” link (when the consent bar is enabled
   and something is being gated) that re-opens the bar to opt out or opt back in.
   Also available as the [trm_gdpr_consent_settings label=”…”] shortcode, or as 
   a nav menu item: add a Custom Link pointing at “#trm-gdpr-consent” and it re-
   opens the bar. Opting out after having opted in reloads the page so the already-
   running trackers are actually cleared.

= 1.3.0
 * Added consent based script blocking. Third party tracking tags (Google
Analytics, Google Tag Manager, Meta Pixel, and similar) are held inert until a visitor
opts in, so no request reaches a tracker before consent. On by default, with a “
Disable Script Blocking” option per site. * Consent bar now offers explicit Accept
and Decline controls instead of passive dismissal. Decline hides the bar and leaves
tracking blocked. * Blocked scripts re-activate client side after Accept, so cached
pages stay safe for every visitor. * On a choice, the consent state is also pushed
to Google Consent Mode v2 (gtag) and the Meta Pixel (fbq) when those libraries are
present, so they agree with the gate. * Fixed: the admin menu used a slug ending
in .php, which put a file path in the page argument and the form referer and could
trip server mod_security rules (403 on Save Options). Switched to a plain slug. *
Added embed blocking, a separate setting from script blocking. Embedded videos and
widgets (YouTube, Vimeo, Maps, social) send the visitor’s IP to a third party on
page load, the same exposure as analytics. Levels: Off, Block known video and social
embeds (default), or Block all third party iframes. Blocked embeds load the moment
consent is given. Embed blocking also catches embeds built in JavaScript, including
the WordPress custom header video (which injects a YouTube player), by holding the
loader script until consent. * Added a “Do Not Use” choice per policy. A policy 
set to Do Not Use is hidden across the front end: the subfooter, the consent bar
and form consent messages (its merge tag and a stray separator are removed so the
sentence still reads cleanly), and its shortcode outputs nothing.

= 1.2.0.2
 * Fixed issues with filtering content and showing update-policy nags

= 1.2
 * Introduced basic CCPA compliance * Yearly notices added in admin for custom
policies * Default policies now based in remote SVN for easier updating * Policies
language updated to include 12 month default

= 1.1.0.2
 * fixed overwriting consent bar not working in some cases

= 1.1.0.1
 * added default color overrides

= 1.1
 * Shortened default Consent Bar text, and adjusted CSS/svg placementment 
to accommodate

#### 1.0.8.5

 * Fixed `genesis_get_option` error

#### 1.0.8.4

 * Stable Tag Version Mixed Up

#### 1.0.8.3

 * Updated JS to prevent erroneous console errors while still removing notices

#### 1.0.8

 * JavaScript is now compiled with Babel for compatibilty
 * Removed PHP functionality for Consent Bar removal, as it conflicted with caching
   mechanisms on the server
 * Consent Bar is always rendered, and removed if consented to or faded in if not.

#### 1.0.7.4

 * Removed spaces from cookie for syntactic purposes

#### 1.0.7.3

 * Fixed a syntax Error when setting cookies

#### 1.0.7.2

 * Default Consent Cookie to expire in 1 year

#### 1.0.7

 * Prevented Genesis Specific errors

#### 1.0.6

 * Replaced Dynamic CSS file with Dynamic CSS option.
 * Forced Positioning and colors on Consent Messages to better accommodate all themes.

#### 1.0.5

 * Better sanitization/validation methods when saving options
 * Fixed minor JS errors on non-post editor pages.

#### 1.0.4

 * Increased security with hiding Dynamic Delete form consents.
 * Modified JS errors thrown when illegally submitting Dynamic Delete requests.
 * Increased security and sanitization with Admin Options.
 * Prevented “Direct File Access” to PHP files.

#### 1.0.3

 * Attempt to hide existing policy links with CSS
 * Add option to disable “hide existing links” feature
 * Make Feature Options easier to add in the future.
 * Changed Name to Privacy & Consent Assistant

#### 1.0.2

 * Options weren’t setting and Policies not being created on Network Activation.
   Accounted for that now.

#### 1.0.1

 * Initial Release

## Meta

 *  Version **1.7.0**
 *  Last updated **4 days ago**
 *  Active installations **10+**
 *  WordPress version ** 3.5.1 or higher **
 *  Tested up to **7.0.1**
 *  [Advanced View](https://wordpress.org/plugins/privacy-consent-assistant/advanced/)

## Ratings

No reviews have been submitted yet.

[Your review](https://wordpress.org/support/plugin/privacy-consent-assistant/reviews/#new-post)

[See all reviews](https://wordpress.org/support/plugin/privacy-consent-assistant/reviews/)

## Contributors

 *   [ Alex ](https://profiles.wordpress.org/alexdemchak/)

## Support

Got something to say? Need help?

 [View support forum](https://wordpress.org/support/plugin/privacy-consent-assistant/)