Magento 1 GDPR Compliance: Anonymisation of order data

98% of 100

Compatible with community: 1.9.x and enterprise: 1.14.x

Magento GDPR extension allows you to implement cookie notification, "privacy consent required checkbox" on all the forms where personal data is getting collected, full customer data export including guest customers, customer data deletion along with anonymization of their sales data.
  • Delete & Anonymize Customer Account
  • Cookie Notification Message / Restriction Notice
  • Add the customizable cookie policy bar
  • Manage customer consents
Magento Best Extension Winner 2018

Free Support

up to 60 days

Free Upgrades

up to 1 year

Fully open source


4.7 Simple Extension
Bought this extension to simply allow our customers to delete their data to meet GDPR "right to be forgotten" requirement. And this extension does the job without any issue.
4.7 Easy to install and setup
It is easy to configure cookie notification message from admin. We have also tested deletion functionality of the customer and it works as expected. Sales data also gets anonymised which is great. It would have been good to have option to export all customer data as that's another GDPR requirement, SCommerce promised to release that soon once they have more clarity on the format.
4.7 Quality product!
It is easy to set up and configure. It has most of the configuration option including background and text colours of the cookie notification message. The best part was translation of messages and emails because we have 5 European sites it worked really well for us. Good quality product!
5 Great Knowledge on the subject
These guys know what they are doing which is always reassuring. We had a pre-sale chat with these guys and was very impressed with their trendmendous knowledge on GDPR. Installed the product with no issue so far but I am sure they will be as good as support as pre-sale.
5 So great!
This works perfect. Easy to set up. I run into a conflict with another third-party extension - but the these guys made a fix for me in a couple of hours. Top-notch support!
5 Finally customer export!!!
Finally found extension which allows us to export customer data. Used free extension which had limited options and didn't cover much. This looks feature-rich with so many options so switched to this one and well pleased with it. Support is outstanding as well.
5 Quality Module and Excellent Customer Service
Great modules, small school boy error on my part for install. Emailed customer support and received first class service and quick resolution. Great work, well done!
5 Great Extension and Support!
The exension works as described and is perfect for our needs. The service was fast and highly professional! What more can you want. Thanks!
5 Excellent - Especially Support
This is an excellent extension, perfect for Magento store owners who need to to be GDPR compliant. Support is excellent, fast and responsive. Would highly recommend.
5 Amazing service!
Installed module and after putting the license key everything worked as described on the product description page. Customer service was absolutely great, we asked for two additional license keys for our test environments and their response was instant. Even the FAQ section is great because it answered most of our questions.
5 Très bonne extension et super service
Un super module pour répondre à la nouvelle loi RGPD. Très facile à installer et surtout à customizer. J'avais un léger conflit avec mon thème mais le support a résolu le problème très rapidement. Je recommande fortement! NB: j'avais précédemment installé un module gratuit mais je ne regrette absolument pas d'avoir payé pour cette extension, notamment pour la customization et la gestion multi langues.
4.7 Great features and service
Really impress with these guys, the amount of features they have been building is just amazing. Just received the latest version of the module and it is getting better with every release. On top of all their service is amazing!
4.7 Great service and comprehensive module!
I read reviews before buying this module and I can also confirm their service is absolutely brilliant. Shivani and team are very responsive. We had few hiccups related to our custom theme and they pointed out our developer in the right direction and fixed the problem in no time. On top of that it covers most of the aspect of GDPR, thumbs up!
5 Fantastic product and service
We are really happy with this product and the service provided. The basic product was great but we required lots of customisation for our particular requirements. Shivani was brilliant and nothing was ever too much trouble! We have everything installed now across multiple sites, exactly to our preference. I highly recommend this product and Scommerce Mage.
5 One stop GDPR solution
Very impressed with these guys, they have thought about everything. I have been researching on GDPR for over 3 months and haven't found many things which this module doesn't do apart from data encryption which I asked and they provided me the solution of using table level encryption which is provided by MYSQL out of the box. Their customer service is outstanding as well, some of their replies came within few minutes unlike other extension companies I used which can take days sometime weeks!
5 Great value for Money!
Can't believe the amount of features provided for this price comparison to other extensions out there. Had some small issues related to cookie banner but support team pointed us in the right direction. Great product with excellent support. Definitely recommend this product to others without a doubt!!!
5 Wonderful product
My company bought this product for 2 websites and we are going to buy a third one. It helps us make websites GDPR compliant really fast. Customer support is really great too.
5 Great extension and customer service
GDPR extension is easy too install and setup. It works as described. Customer service answering very quickly and always ready to help.

Product description

Magento GDPR Compliance: Personal Data Protection and Cookie Consent

Compatible with community: 1.9.x and enterprise: 1.14.x

This module supports you to make your Magento 1 store GDPR compliance. It supports cookie compliance, complete set of customer data export and customer data deletion along with anonymization of the transaction data

Here are the main features of this module-:

Cookie Compliance / Right to be informed

  • It allows you to implement cookie compliance customized notification message on your website
  • The cookie notification banner requesting user consent appears as soon as user lands up on your website
  • The cookie notification can be optional or mandatory for customers to accept before browsing through the website
  • It allows you enable/disable cookie notification message from configuration
  • The cookie message can be fully manageable from configurations
  • It allows you to manage text and background colour of the cookie message via admin panel so that you can match your brand colours without changing code
  • The message is always displayed at the top of the page so that its clearly visible to the user
  • The cookie choice get saved as a first party cookie which can be further used to prevent calling third party trackings like Google Analytics, Google Remarketing, FB Remarketing etc.

Privacy Policy Consent / Right to be informed

  • It allows customers to give clear and concise consent on different forms like newsletter, contact us, registration and checkout pages
  • It sets subscription date with all newsletter subscriptionS because now you have to have information about who opted in and when with specific date and time
  • It records when, who and how the consent was given by the customer before filling any personal data on your website
  • It allows administrators to look who, when and how the consent was given by the customer including guest customers
  • It allows administrator to control which forms they would like the consent checkbox to appear on the frontend
  • It allows administrator to change privacy text of the consent checkbox which appears on the frontend

Right to be forgotten

  • It allows logged in customer to delete their account including newletter subscription from front end under my account section but this option can be disabled from admin panel
  • It allows administrators to delete customers (registered and guest), their newsletter subscription and anonymise their transaction data within Magento Admin Panel
  • It allows administrators to send confirmation email to customers with the link to delete and anonymise their transaction data including order, invoice, credit memo and shipment
  • It allows administrators to anonymise transaction data manually or automatically which are older than the retention period. (New!)
  • It allows administrators to receive email when customer account gets deleted either from frontend or backend, this allows them to remove data of this customer from other systems
  • It allows you to fully anonymize or delete customer data from customer, sales, quotes, newsletter tables so that you have met your "right to be forgotten" obligation
  • It anonymises personal data which includes customer firstname, middlename, lastname, email address, remote IP address, phone, fax, region, street, city and postcode
  • The extension also allows you to set all the personal data in the Quotes to NULL through a cron job. You can easily manage the number of days after which data needs to set to NULL from configurations

Right of access / Right of data portability

  • It allows administrators to export all customer data manually for a given customer including guest customers. This meets the requirement of "right to access" and "right of portability" as under GDPR individuals will have full rights to ask for complete set of their personal data on your website. (New!)
  • It exports all the personal data from the system including customer, customer addresses, sales orders, sales order addresses, quotes and newsletter(New!)

Other features

  • All the messages or texts appearing anywhere either on frontend or backend are translatable
  • It allows you to stop sending emails to customer automatically until customer's account has been deleted from all the external systems
  • It allows you to give permission to specific roles to export customer data, anonymise orders, delete customer data including newsletter subscription and send confirmation link to customers to delete their account NEW!
  • It allows you to change email templates from admin panel exactly same as other Magento email templates
  • It works with sub-domains and multi-domain websites **
  • It works with all the latest Magento Enterprise and Community versions
  • This module can be completely disabled whenever required via system configuration in admin
Use our demo store to try out this extension. The demo store is refreshed every 3 hours.

Admin Demo URL

Cookie Pop Up

Cookies pop up is used to improve the experience for user by providing them all the infomation about the individual cookies used on the site. With the help of cookie pop up admin can maintain the categories for all the cookies generated on the website. It helps user to set cookie preferences for individual categories.

Here are the main features of this module-:

  • You can create/add cookie prefrences categories in back-end.
  • It lets you select cookie pop up styling, modal border, header font color, background color etc..
  • You can add customize CSS.
  • You can manage the buttons style and the title, text, font color of the tabs.
  • You can manage the pop up styling from back-end.
  • It allows you to choose whether cookie is required or not.
  • You can set the default values for cookies.
  • You will have an option to select all cookies or an individual cookie.
  • You can define categories and cookie choice at store level.
  • Supports Multi websites/ Store views
  • Cookie choices can be filtered based on the store view.
  • You can add cookie choice description

Click here to know more about it.

Compatible with community: 1.9.x and enterprise: 1.14.x

We offer 60 days of free support and 12 months of free upgrade for any standard Magento site when you buy this extension. You can also get our installation service for a small fee. If you want more benefits, you can purchase our 12 months of free premium support and free lifetime upgrade package. Please contact us if you need any assistance or customization for this extension. We will reply to you within 48 hours. We may also offer you a special deal or a free solution if we like your idea.

** Please refer to our FAQ or T&C section for running our extensions on multiple domains or sub-domains


Q. How can I get license key for my development website?
A. Please login to your account and Go to My account section > From the left menu select Generate Dev License key > Enter the Dev site url and select the extension from the dropdown and click on generate to get the license key
Q. Can I test the extension before buying?
A. Unfortunately we can't provide you extension for testing purposes but we have demo available for most of our extensions and happy to provide full refund if the extension doesn't work
Q. Can I request for customisation on your extensions?
A. Yes we do provide all sort of customisation for our clients at the reasonable rates. And if we believe the customisation will help our product then we also provide great discount on the customisation
Q. I have two live domains, do I need a separate license key for each live domain?
A. Yes you need to buy a separate license key for each live domain ( or sub-domain ( or subfolder ( If you are buying licenses for more than four live sites in one transaction then we can offer you 30% discount on total amount
Q. How can I upgrade my extension to the latest version?
A. If your extension is within the free upgrade period (12 months from purchased date) then simply email us with your order number and our team will send you the latest version of the extension but if it is outside free upgrade period then you need to buy an upgrade using the following link

Once you received the latest version of our extension then we would highly recommend to delete all the files and folder of our extension from your website first before uploading the latest version because we might have removed existing files and keeping existing files could cause problems on your website.
Q. Does my license get expired after certain period?
A. No, your license is not going to get expired but we would highly recommend upgrading to get all the latest fixes (including security fixes if any), improvements and new features. In the upgrade, we also ensure it is compatible with the latest version of Magento and when you upgrade you will have a smooth transition.
Q.Where can I download the extension files?
A. Please login into your account on our website and go to the download link under my account section to download the extension package.
Q.Can you provide a key that works for our development (NOT PRODUCTION) environment which will work on a dynamic URL, for example, and
A. Unfortunately it is not possible to generate license keys based on the dynamic URLs. License keys need to be generated per domain or subdomain whether it is production or non-production.
Q: What is GDPR?
Q: What happens when customer "declines" or "accepts" third party cookies from cookie notification message?
A: It creates first-party cookie i.e. "cookie_accepted" and set the value to 1 when customer "accepts" and 0 when cutomer "declines". If you are using any of our tracking extensions then they all come with the option to stop sending info to third parties like Google when third party cookie usage has been declined by the customer. But if you are using third party tracking extension then they need to check for cookie name "cookie_accepted" and this will be set to 1 for "accept" and 0 for "decline"

Here is the function which will force your tracking not to run unless the cookie has been accepted by the customer from cookie notification message

     * Check if the third-party cookie has been accepted or not
     * @return bool
     protected function hasCookie()
          $cookieKey = 'cookie_accepted';
          $cookie = (string)Mage::getModel('core/cookie')->get($cookieKey);
          return ($cookie=="1" ? true : false);

Here is the function which will turn off your tracking only when customer declines from cookie notification message

     * Check if the third-party cookie has been accepted or not
     * @return bool
     protected function hasCookie()
          $cookieKey = 'cookie_accepted';
          $cookie = (string)Mage::getModel('core/cookie')->get($cookieKey);
          return ($cookie=="0" ? false : true);

N.B - You don't need to do anything with your trackings if you are not sending Personal Identified Information (PII) because GDPR only applies to personal data not transaction or catalogue data
Q: I am using GTM for all my trackings, can I control certain tags to get fired only when customer has accepted the cookie?
A: Yes of course, please follow the below steps in GTM -:
  1. Step 1 - Create a new variable named "acceptance_cookie", variable type should be 1st-Party cookie and give the name of the cookie as "cookie_accepted"

  2. Step 2 - Create a new trigger named "Acceptance Cookie", trigger type could be anything like GTM.DOM, Pageview, Custom Event etc. and based on the trigger type choose some custom events or some pageview and add the following condition

    - From first dropdown - select variable name created in Step 1 i.e. "acceptance_cookie"
    - From second dropdown - select equals
    - Third Input box - put value 1

  3. Step 3 - Associate the trigger created in Step 2 ie.. "Acceptance Cookie" with any existing tag and that tag will ony fire when customer accepts the cookie on your website
Q: Does this extension make my company fully GDPR compliant?
A: This extension is going to support towards compliance, it targets mainly around few main requirements "cookie notification", "privacy consent", "right to erasure","right to be informed","right of data portability" and "right of access" but just installing this extension is not going to make your company fully compliant. To be precise it is not just implementing technical elements on your website. It is a disciple which is around making sure the personal data (for example email address, phone number, name, addresss, medical info etc.) which is stored in your data centre in any format or the personal data that you are sharing with third parties is secure. For more information Click here to know more about GDPR.
Q: If someone puts items into a cart and does provide personal information, but finally does NOT order, the customer is not registered as a customer but that data is still somewhere in the system - does this module also delete this data ?
A: Yes we are running a cron job which clears personal data from cart / quote table automatically after set number of days which you can configure in admin, by default it is set to 30 days.
Q: Can my customer change their cookie preference/choice?
A: Yes they can change their cookie preference/choice by clicking on the Cookie Settings link from the header
Q: How often the cron job runs to anonymise order data automatically?
A: It runs every 1 hour to anonymise order data automatically
Q. How can I manually uninstall your module?
A. Please follow the below steps -:

Step 1: Remove the module Scommerce_%.xml files from app\etc\modules\

Step 2: Drop module tables or columns from database, please check folder app\code\community\Scommerce\%\sql\% for more information

Step 3: Remove the folder app\code\community\Scommerce\%

Step 4: Remove module configuration settings from core_config_data table by running the following query
DELETE FROM core_config_data WHERE path LIKE 'scommerce%'
Step 5: Remove module from core_resource table by running the following query
DELETE FROM core_resource WHERE module LIKE 'Scommerce_%';

Q: Can I remove cookie preference link?
A: Yes you can copy layout xml file from \app\design\frontend\base\default\layout\scommerce\gdpr.xml to your custom theme folder and remove addLink reference
Q: How can I translate text on frontend or admin?
Q: Does it support multi store functionality?
A: Yes, cookies are displayed on the frontend considering the configured storeview per cookie choice.
A: Our extension uses Magento out of the box translate mechanism, you can do it using inline translation feature and alternatively copy the following file app/locale/en_US/Scommerce_GDPR.csv into correct language folder and update the file accordingly. For example for Germany, you need to copy "Scommerce_GDPR.csv" into app/locale/en_DE/ folder
Q: I can’t see privacy policy consent checkbox on newsletter sign up or contact us form
A: This could be because of your custom theme, please check if you have custom theme with contacts.phtml and subscribe.phtml. If yes then copy contacts.phtml from app\design\frontend\default\default\template\contacts\ and subscribe.phtml from app\design\frontend\default\default\template\newsletter\ to your custom theme
Q: I am using Ebizmart Mailchimp extension, when the customer gets deleted from my website, does it get deleted from Mailchimp as well?
A: Yes it does remove the details of the customer from Mailchimp as soon you delete personal data using our extension
Q: I don't receive confirmation email after an administrator deletes my account from admin customer section
A: Please make sure "Enable sending email communication to customer" setting is set to YES in system configuration
Q: I can't see "send deletion link to customer" button in admin under customer section
A: This could be because of the following three reasons -:
  1. You don't have permission to see this button
  2. Enable Customer Account Deletion / Anonymisation setting is set to YES
  3. Enable sending email communication to customer setting is set to YES
Q: I don't see "Export Customer Data" or "Delete GDPR Personal Data" in sales order action drop-down in admin
A: This could be because of the following two reasons -:
  1. You don't have permission to see this action
  2. Allow Guest Checkout system configuration setting under Sales -> Checkout -> Checkout Options is set to NO
Q: I don't see "Export Customer Data" or "Delete GDPR Personal Data" in newsletter action drop-down in admin
A: This could be because of the following two reasons -:
  1. You don't have permission to see this action
  2. Allow Guest Subscription system configuration setting under Customers -> Newsletter -> Subscription Options is set to NO
Q: Can I delete or export data for guest customers?
A: Yes you can delete and export complete data of guest customers from action drop down of sales order, newsletter subscription and privacy policy consent screens in admin
Q: Can I anonymise order data for guest customers?
A: Yes you can anonymise orders for guest customers from sale order screen using "Anonymise order" action. Please click here to see the screenshot
Q: As an administrator what all things I can perform and set up from Magento admin panel?
Here is the list of things you can do as an administrator -:
    1. Cookie Notification Message and other configurations – You can manage from System -> Configuration -> Scommerce Configuration -> GDPR

    1. Order anonymisation – This can be achieved either by clicking “Delete personal data” button from Customers -> Manage Customers or from Sales -> Orders -> Actions drop down (Anonymise Orders)

    1. Delete Personal Data for Guest or Registered Customers - This can be achieved by clicking “Delete Customer and Anonymise Transaction data” button from Customers -> Manage Customers or alternatively from action drop down of Sales Order Grid, Newsletter Subscription Grid, Customer Grid and Privacy Policy Grid

    1. Send delete link to customer – This can be achieved by clicking “Send deletion link to customer” button from Customers -> Manage Customers

    1. Export customer data - This can be achieved by clicking “Export GDPR data” button from Customers -> Manage Customers or from action drop down of Sales Order Grid, Newsletter Subscription Grid, Customer Grid and Privacy Policy Grid

  1. Transactional Emails - You can change email templates from System -> Transaction Emails. There are three emails which you can change -:
    1. Scommerce GDPR Deletion Confirmation - This sends link to customer to delete their own account
    2. Scommerce GDPR Customer Data to Admin - This sends email to administrator with customer details whose account has been recently being deleted
    3. Scommerce GDPR Deletion Success - This sends an email to customers after successfully deleting their account
  2. Privacy Policy Consents - You can check privacy policy consent from Customers -> Privacy Policy Consents. You can check all the consents given by customer from different sources like newsletter sign up or registration or contact us or order

Change Log

Version 0.0.1 - Initial Commit

Version 0.0.2 - Fixed issue related to delete function and also move hard coded text to configuration

Version 0.0.3 - Added functionality to disable cookie alert completely from admin panel

Version 0.0.4 - Refactored the anonymisation code to provide better performance

Version 0.0.5 - Added email templates in the configuration so that they can be amended using transactional emails

Version 0.0.6 - Added IP Address also to anonymisation list as static IP address could also be considered as personal data

Version 0.0.7 - Fixed issue related to cookie notification message as it was still appearing even the configuration was off

Version 0.0.8 - Added translation file to support different languages

Version 0.0.9 - Added feature to anonymise transactions using order action dropdown of sales orders grid in admin

Version 0.0.10 - Added new feature to export all customer data including order, order address, quote, quote address, customer, customer address and newsletter subscription

Version 0.0.11 - Added new feature to allow customer to change cookie preference even after accepting or declining cookie. Also blocked site wrapper id or class is now being configured so that it can be changed from admin configuration without changing theme code. Also given provision to override adminhtml sales order mass action block from admin configuration. Also added subscription date with newsletter

Version 0.0.12 - Added new feature to send email to administrator when customer account gets deleted so that they can delete that customer from external systems. Also added confirmation popup before deleting or sending email to customer from admin panel

Version 0.0.13 - Added new feature to anonymise personal data from orders automatically including invoices, shipment, credit memo. Also added permission to give access to certain roles to anonymise transaction and delete personal data from admin panel

Version 0.0.14 - Added new feature to override CMS page setting to use external or internal links. Also checking if jquery exists or right version of jquery is installed on the website or not. Also added subscription date in the newsletter grid in admin

Version 0.0.15 - Removed conflicts with third party extensions for sales order action because quite few extension are overriding Mage core classes.

Version 0.0.16 - Improved performance of order anonymisation and also added new Magento Enterprise tables including RMA and Archive to anonymisation process

Version 0.0.17 - Exporting payment information as well in the customer export file. Also changed the default email templates to match Magento default theme and fixed some system.log notices and warnings

Version 0.0.18 - Added new feature to record privacy policy consent from the forms where customers are filling personal data to make sure they understand and accept privacy policy before giving consent. Also added confirmation message on delete customer account on frontend and also in admin against order anonymisation to avoid mistakes

Version 0.0.19 - Added privacy policy consent checkout for newsletter subscription as well to cover all the forms of the website where personal data has been collected. Also fixed jQuery conflict for cookie popup message.

Version 0.0.20 - Added new configuration to stop sending delete account confirmation emails to customers automatically. Also changed configuration so that it is more organised instead of having all the fields in general configuration

Version 0.0.21 - Fixed issue related to addFieldFilter function to make it compatible with older version of Magento. Also added parameter confirm=1 with customer deletion link which allows customer to redirect to deletion page instead of delete the account straight away

Version 0.0.22 - Added new feature to allow full export and complete deletion of guest customers from the website. Also fixed issue related to email template for multi-store websites

Version 0.0.23 - Fixed filter issue related to sales order grid on order status, base and grand total columns

Version 1.0.24 - Added cookie pop up feature

Version 1.0.25 - Fixed issue with Cookie Pop up URL to reset the values

Version 1.0.26 - Fixed table prefix issue with cookie popup module

Version 1.0.27 - Added a new feature that connects our GDPR and GTM extensions with Google's Consent Mode v2 (CMv2), a feature that lets you adjust Google tags based on user consent. If you use our GTM extension, you can activate this feature by enabling consent mode and mapping the cookies. You can also select the list of GDPR countries to enabling region support for cookie banner.

Version 1.0.28 - We have added Decline All functionality to cookie banner and cookie popup to adjust with latest GDPR requirements
Fixed filtering functionality in sales order grid

Version 1.0.29 - Added multi-website support for cookie popup

Reviews 18

Write Your Own Review
Write a Review
You may also like