# mageplaza/module-gdpr

> Magento 2 GDPR Extensions

`composer require mageplaza/module-gdpr`

Canonical URL: https://packagento.com/mageplaza/module-gdpr

## At a glance

- **Vendor**: mageplaza (https://packagento.com/mageplaza.md)
- **Latest version**: 4.2.8 — released 2026-04-28
- **Pricing**: Free
- **Package type**: Magento 2 module
- **Status**: active, accepting new buyers

## Installation

Packagento is licence-gated, so even free packages need a licence on a project before Composer can resolve them.

1. **Sign in or create an account** at https://packagento.com/customer/account/.

2. **Add the package to your account.** Open https://packagento.com/mageplaza/module-gdpr and complete the free checkout. A licence is minted automatically.

3. **Create or pick a project, then activate the licence on it.**
   - Projects represent the Magento installs you deploy to. Manage them at https://packagento.com/projects/.
   - Activate the new licence on the project you'll deploy this package to. Activation is what generates the Composer credentials scoped to that project.

4. **Add the project credentials to your Magento codebase.**

   Grab the project's public + private key from https://packagento.com/projects/ (open the project, then its Credentials tab), and add them to `auth.json`:

   ```json
   {
     "http-basic": {
       "packagento.com": {
         "username": "ppk_live_...",
         "password": "psk_live_..."
       }
     }
   }
   ```

   Add the Packagento Composer repository to `composer.json`:

   ```json
   {
     "repositories": [
       { "type": "composer", "url": "https://packagento.com" }
     ]
   }
   ```

5. **Install and apply.**

   ```bash
   composer require mageplaza/module-gdpr:*
   bin/magento setup:upgrade
   bin/magento setup:di:compile
   bin/magento cache:flush
   ```

## What it does

Magento 2 GDPR Extensions

## README


### What is GDPR? - Help Your Magento 2 Store Protect Customers
GDPR stands for General Data Protection Regulation issued by EU, starting on May 25, 2018. This is a new set of data privacy regulations giving an important impact not only on European countries but also on all over the world.

There are many important rules that firms have to obey from June 2018, these rules help protect customers’ data from being stolen and misused (the data can be traded without permission or customers can be overwhelmed by complicated or incomprehensible terms). We recommend that you should go through all terms and conditions [here](https://www.eugdpr.org/); this is especially important if you are expertised in IT or if you are a Magento 2 store owner.

To help Magento 2 stores which are directly affected by GDPR, Mageplaza is about to release an extension called **Mageplaza GDPR for Magento 2**. This module is to supports online stores to comply those data privacy regulations.

[![Latest Stable Version](https://poser.pugx.org/mageplaza/module-gdpr/v/stable)](https://packagist.org/packages/mageplaza/module-gdpr)
[![Total Downloads](https://poser.pugx.org/mageplaza/module-gdpr/downloads)](https://packagist.org/packages/mageplaza/module-gdpr)

**IMPORTANT NOTE: This version of [Magento 2 GDPR extension](https://marketplace.magento.com/mageplaza-module-gdpr.html) on Github is free as a contribution to the Magento community from Mageplaza. This package does not include the technical support. Should you need technical support for this extension, you will have to buy a license from Mageplaza. [Click here to buy](https://www.mageplaza.com/magento-2-gdpr-extension/).**

### Highlight Features
- Remove customers’ accounts
- Delete customer’s addresses
- Manage billing documents (Pro): Order, Invoice, Shipment, Credit Memo
- GDPR Cookie restriction (Pro)
- Auto-delete customer account(Pro)


### How to install Magento 2 GDPR


#### ✓ Install via composer (recommend)
Run the following command in Magento 2 root folder:

```
composer require mageplaza/module-gdpr
php bin/magento setup:upgrade
php bin/magento setup:static-content:deploy
```
#### ✓ Install ready-to-paste package (not recommend)

- Download the latest version [here](https://www.mageplaza.com/magento-2-gdpr-extension/)
-  [Installation guide](https://www.mageplaza.com/install-magento-2-extension/)

### GDPR Module Documentations
- [Mageplaza](https://www.mageplaza.com)
- [User guide](http://docs.mageplaza.com/gdpr/)

### Magento 2 GDPR Standard Edition - Highlights

#### Delete accounts
![magento 2 gdpr](https://i.imgur.com/5DYdNyN.png)

Magento 2 GDPR by Mageplaza supports customers in permanently deleting their accounts on your e-website. All related information including one which is considered private data will be completely removed along with customers’ accounts. This helps the buyers make sure that their personal information is protected by GDPR.

#### Delete default addresses

![delete default addresses for gdpr](https://i.imgur.com/rlbuMfk.png)

Default addresses including Billing and Shipping addresses are seen as private data of a human being according to GDPR. Hence, allowing buyers to delete these information is an action which proves that you are making a strong commitment to protect your users. With Magento 2 GDPR, this is easily performed by your customers with only few easy and clear steps.

### Magento 2 GDPR Pro Edition - An Innovative Version

#### Manage billing information (Pro)
Billing information including data featured in customers’ orders, invoices, credit memos and shipments is seriously important which needs protecting. Your online shoppers, for sure, have rights to manage it themselves, and also, have rights to become anonymous. To support online stores in solving this issue, Mageplaza GDPF Pro version allows customers to anonymize their private information such as names, phone number or addresses by replacing these data by a random string.

Also, customers’ private information on subscribing requests and abandoned carts will become anonymous.  

#### Cookie restriction (Pro)
Online stores often use cookies to enhance customer experience. However, through this, a customer can be identified and this is why you need to concern about this. Mageplaza GDPR extension allow store admins to design the Cookie message by using HTML; also, the position to feature the message can be configured to be at the top or bottom of your webpage. Cookie can be restricted in specific countries based on your settings in the backend also.



### Why do we need the GDPR?
It is obviously easy to understand, the regulation has been adopted as data protection and privacy issues are increasingly becoming a serious concern. In recent decades, the internet growth has continued increasing so does the frequency and effect of data breaches. According to the [Breach Level Index](https://breachlevelindex.com/assets/Breach-Level-Index-Report-H1-2017-Gemalto.pdf), by the first half of 2017, the number of data breaches had risen from above 575 million in 2013 to more than 1,9 billion over the 2-year period. Shockingly, over 95% of these breaches including unencrypted data were not protected properly. The point here is that the total global annual cost of all data breaches, according to [a Juniper’s research](https://www.juniperresearch.com/press/press-releases/cybercrime-cost-businesses-over-2trillion), is forecasted to reach above $2.1 trillion in damages by 2019. You can imagine how severely consumers and organizations can be affected.

That is why GDPR needs to appear as soon as possible with an aim to eliminate and reduce possible harms and threats for both businesses and online shopping doers. The regulations play a role as data security standards which organizations have to follow. 

### Why Mageplaza GDPR is your must-have module
Your Magento 2 store, no matter where yo

_(README truncated for .md surface. Full README on https://packagento.com/mageplaza/module-gdpr.)_

## Changelog

CHANGELOG: https://www.mageplaza.com/releases/gdpr

## Recent Versions

| Version | Released |
|---|---|
| 4.2.8 | 2026-04-28 |
| 4.2.7 | 2026-01-08 |
| 4.2.6 | 2025-09-29 |
| 4.2.5 | 2025-04-21 |
| 4.2.4 | 2023-06-22 |
| 4.2.3 | 2023-04-05 |
| 4.2.2 | 2023-02-28 |
| 4.2.1 | 2022-08-30 |
| 4.2.0 | 2022-04-12 |
| 1.4.0 | 2022-04-12 |

Showing 10 of 20 versions. Full release history on https://packagento.com/mageplaza/module-gdpr.

## Dependencies

### Require

| Package | Constraint |
|---|---|
| mageplaza/module-core | ^1.5.14 |

## Quality

Latest release (4.2.8) fails the Packagento QA pipeline. Verdicts below are per-cell (Magento line × PHP version) for the matrixed tools, and run-once for the static / security tiers.


### Compatibility

Each Magento line is installed on its supported PHP versions, then the module is built (DI compile + static-content deploy). Cells show passed / failed / untested; staircase gaps render as `–`.

| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | Pass | Pass | – | – |
| 2.4.8 | – | Pass | not tested | – |
| 2.4.9 | – | – | Pass | not tested |


### Code Quality

Advisory checks against the module's source. Never affect the Compatibility verdict — a phpcs finding can't make a module incompatible.

#### Static Analysis

Coding standards (phpcs), mess detection (phpmd), copy-pasted code (cpd), PHP cross-version compatibility, composer.json validity. Each runs once for the whole module.

| Tool | Status | Findings | Summary |
|---|---|---|---|
| PHPCS | Warning | 63 | 63 warnings (ruleset: Magento2) — 34 auto-fixable with phpcbf |
| PHPMD | Pass | 0 |  |
| Cpd | Pass | 0 |  |
| Composer validate | Info | 1 | valid; 1 advisory note (composer validate --strict) |

#### PHPStan

Type-checks the module against a real Magento install. Re-runs per Magento + PHP version because resolvable symbols differ between releases.

| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | 58 | 58 | – | – |
| 2.4.8 | – | 58 | 58 | – |
| 2.4.9 | – | – | 56 | 56 |


### Tests

Unit and integration suites run per Magento + PHP cell. Test failures speak to the module's behaviour, not its compatibility with a line, so they're reported here separately.

#### Unit Tests

| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | N/A | N/A | – | – |
| 2.4.8 | – | N/A | N/A | – |
| 2.4.9 | – | – | N/A | N/A |

#### Integration Tests

| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | N/A | N/A | – | – |
| 2.4.8 | – | N/A | N/A | – |
| 2.4.9 | – | – | N/A | N/A |


### Security

Dependency-advisory audit (composer audit) plus a source malware scan. A malware detection fails the version outright.

| Tool | Status | Findings | Summary |
|---|---|---|---|
| Composer audit | Pass | 0 |  |
| Malware scan | Pass | 0 |  |

## Licence and pricing

Free. A licence is still minted on checkout and bound to your project for Composer access — no payment step.

Refundable within 14 days of first purchase via https://packagento.com/account/refunds/.

## Install via Claude Code or any MCP client

The Packagento MCP server can run the licence + project + Composer steps above in one tool call:

```
purchase_and_install_packages(
  composer_names=["mageplaza/module-gdpr"],
  project_id="proj_xxx"
)
```

This handles cart, checkout, licence minting, project activation, and writes auth.json credentials. Connect a client with `claude mcp add packagento https://mcp.packagento.com`. Full setup at https://packagento.com/docs/mcp-setup.

## Vendor

mageplaza is a Magento 2 vendor on Packagento. See https://packagento.com/mageplaza.md for their full catalogue.

