Magento 2 GDPR Compliance: Anonymisation of transaction data

£119.99 Excluding VAT

Make your Magento 2 store GDPR compliance effortlessly with our extension. This module allows you to implement cookie notification, full customer data export, customer data deletion along with anonymization of sales data of your store.

* Required Fields

Backend Demo Url
Frontend Demo Url

Magento 2 GDPR Compliance: Supports Individual Rights

Compatible with Magento 2 community and enterprise 2.0.x - 2.2.x including cloud edition

The extension will add all the essential tools and features that provide successful GDPR implementation. It supports cookie compliance, complete set of customer data export and customer data deletion along with anonymization of the transaction data

Here are the main features of this module-:

Cookie Compliance / Right to be informed

  • It implements cookie compliance customized notification message on your website
  • The cookie notification appears as soon as user lands up on the website
  • The cookie notification can be optional or mandatory for customers to accept before accessing the website
  • It allows you enable/disable cookie notification message from configuration
  • The text for the cookie notification is fully manageable from configuration
  • The extension provides options to manage text and background colour of the cookie notification message thought extension configurations so that you can match the colours to your site without changing code
  • The message is displayed at the top or bottom of the page which is configured through system configuration
  • The cookie choice saved as a cookie which can be further used to prevent calling third party trackings like Google Analytics, Google Remarketing, FB Remarketing etc.

Privacy Policy Consent / Right to be informed

  • It allows customers to give clear and concise consent at the time of newsletter subscription, contacting you, registrating an account and during checkout
  • It sets subscription date with all newsletter subscription because now you have to have information about who opted in and when with specific date and time
  • It records when, who and how the consent was given by the customer including their IP address before filling any personal data on your website
  • It allows administrators to look who, when and how the consent was given by the customer including guest customers
  • It allows administrator to control which forms they would like the consent checkbox to appear on the frontend
  • It allows administrator to change privacy text of the consent checkbox which appears on the frontend

Right to be forgotten

  • It provides registered user an option to delete their account including newletter subscription, quote, order, invoice, shipment and credit memo data. The user gets delete option under my account section on front end. Admin can enabke/disable this option from configurations.
  • It provides option to delete customers, newsletter subscription and anonymise transaction data to adminstrators
  • It allows administrators to send confirmation email to customers with the link to delete and anonymise their transaction data including order, invoice, credit memo and shipment
  • It allows administrators to anonymise transaction data manually which are older than the retention period. (New!)
  • It also allows to automatically anonymise transaction data which are older than the defined retention period in the system configuration.(New!)
  • It anonymises personal data which includes customer firstname, middlename, lastname, email address, remote IP address, phone, fax, region, street, city and postcode
  • The extension also allows you to set all the personal data in the Quotes to NULL through a cron job. You can easily manage the number of days after which data needs to be set to NULL from configurations

Right of access / Right of data portability

  • It allows administrators to export all customer data manually for a given customer. This meets the requirement of "right to access" and "right of portability" as under GDPR individuals will have full rights to ask for complete set of their personal data on your website. (New!)
  • It exports all the personal data from the system including customer, customer addresses, sales orders, sales order addresses, payment, quotes and newsletter(New!)

Other features

  • All the messages or texts appearing on frontend or backend can be transalated easily to the language of website
  • It provides you full control over the email templates from admin panel exactly same as any other Magento email template
  • It fully supports sub-domains and multi-domain websites **
  • Its compatble with all the latest Magento 2 Enterprise and Community versions
  • This module can be completely disabled via system configuration in admin

Use our demo store to try out this extension. The demo store is refreshed every 3 hours.
Admin Demo URL

What is GDPR?

Click here to know more about it.

We provide 60 days free support and free upgrade from the date of purchase for any standard Magento site. Installation service is also available with a minimal charge of £50 with 6 months free support and free upgrade for any standard Magento Site. If you need any help with this extension or you want to enhance this extension to meet your business needs, please contact and we will get in touch with you. And if we like your idea we might do the solution at discounted rate or for free.

** Please refer to our FAQ or T&C section for running our extensions on multiple domains or sub-domains

Frequently Asked Questions

Q. How can I get license key for my development website?

A. If you want to get the license key for the developer website, please contact our team at along with order number and development site URL. The developer website can be on a separate Magento installation than your base domain for which the license was purchased

Q. Can I test the extension before buying?

A. Unfortunately we can't provide you extension for testing purposes but we have demo available for most of our extensions and happy to provide full refund if the extension doesn't work

Q. Can I request for customisation on your extensions?

A. Yes we do provide all sort of customisation for our clients at the reasonable rates. And if we believe the customisation will help our product then we also provide great discount on the customisation

Q. I have two live domains, do I need a separate license key for each live domain?

A. Yes you need to buy a separate license key for each live domain or sub-domain. If you are buying licenses for more than four live sites in one transaction then we can offer you 30% discount on total amount

Q. How can I upgrade my extension to the latest version?

A. If your extension is within the free upgrade period then simply email us with your order number and our team will send you the latest version of the extension but if it is outside free upgrade period then you need to buy an upgrade using the following link

Once you received the latest version of our extension then we would highly recommend to delete all the files and folder of our extension from your website first before uploading the latest version because we might have removed existing files and keeping existing files could cause problems on your website.

Q: What is GDPR?

A: Click Here to know more about GDPR.

Q: What happens when customer "declines" or "accepts" third party cookies from cookie notification message?

A: It creates first-party cookie i.e. "cookie_accepted" and set the value to 1 when customer "accepts" and 0 when cutomer "declines". If you are using any of our tracking extensions then they all come with the option to stop sending info to third parties like Google when third party cookie usage has been declined by the customer. But if you are using third party tracking extension then they need to check for cookie name "cookie_accepted" and this will be set to 1 for "accept" and 0 for "decline"

Here is the function which will force your tracking not to run unless the cookie has been accepted by the customer from cookie notification message

     * Check if the third-party cookie has been accepted or not
     * @return bool
     protected function hasCookie()
          $cookieKey = 'cookie_accepted';
          $cookie = (string)Mage::getModel('core/cookie')->get($cookieKey);
          return ($cookie=="1" ? true : false);
Here is the function which will turn off your tracking only when customer declines from cookie notification message
     * Check if the third-party cookie has been accepted or not
     * @return bool
     protected function hasCookie()
          $cookieKey = 'cookie_accepted';
          $cookie = (string)Mage::getModel('core/cookie')->get($cookieKey);
          return ($cookie=="0" ? false : true);
N.B - You don't need to do anything with your trackings if you are not sending Personal Identified Information (PII) because GDPR only applies to personal data not transaction or catalogue data

Q: I am using GTM for all my trackings, can I control certain tags to get fired only when customer has accepted the cookie?

A: Yes of course, please follow the below steps in GTM -:

  1. Step 1 - Create a new variable named "acceptance_cookie", variable type should be 1st-Party cookie and give the name of the cookie as "cookie_accepted"

  2. Step 2 - Create a new trigger named "Acceptance Cookie", trigger type could be anything like GTM.DOM, Pageview, Custom Event etc. and based on the trigger type choose some custom events or some pageview and add the following condition

    - From first dropdown - select variable name created in Step 1 i.e. "acceptance_cookie"
    - From second dropdown - select equals
    - Third Input box - put value 1

  3. Step 3 - Associate the trigger created in Step 2 ie.. "Acceptance Cookie" with any existing tag and that tag will ony fire when customer accepts the cookie on your website

Q: Does this extension make my company fully GDPR compliant?

A: This extension is going to support towards compliance, it targets mainly around few main requirements "cookie notification", "privacy consent", "right to erasure","right to be informed","right of data portability" and "right of access" but just installing this extension is not going to make your company fully compliant. To be precise it is not just implementing technical elements on your website. It is a disciple which is around making sure the personal data (for example email address, phone number, name, addresss, medical info etc.) which is stored in your data centre in any format or the personal data that you are sharing with third parties is secure. For more information Click here to know more about GDPR.

Q: If someone puts items into a cart and does provide personal information, but finally does NOT order, the customer is not registered as a customer but that data is still somewhere in the system - does this module also delete this data ?

A: Yes we are running a cron job which clears personal data from cart / quote table automatically after set number of days which you can configure in admin, by default it is set to 30 days.

Q: Can my customer change their cookie preference?

A: Yes they can change their cookie preference by clicking on the cookie preference link from the header

Q: How often the cron job runs to anonymise order data automatically?

A: It runs every 1 hour to anonymise order data automatically

Q: Can I anonymise order data for guest customers?

A: Yes you can anonymise orders for guest customers from sale order screen using "Anonymise order" action. Please click here to see the screenshot

Q: As an adminstrator what all things I can perform and set up from Magento admin panel?

Here is the list of things you can do as an administrator -:

  1. Cookie Notification Message and other configurations – You can manage from Admin -> Stores -> Configuration -> Scommerce Configuration-> GDPR

  2. Order anonymisation – This can be achieved either by clicking “Delete personal data” button from Customers -> All Customers or from Sales -> Orders -> Actions drop down (Anonymise Orders)

  3. Send delete link to customer – This can be achieved by clicking “Send deletion link to customer” button from Customers -> All Customers

  4. Export customer data - This can be achieved by clicking “Export GDPR data” button from Customers -> All Customers

Release Notes

Version 1.0.0 - Initial Commit

Version 1.0.1 - Fixed issue related to internal testing

Version 1.0.2 - Added newsletter subscription date

Version 1.0.3 - Added .page-wrapper in configurations

Version 1.0.4 - Fixed issue with account deletion option on mobile view

Version 1.0.5 - Added new feature to add privacy consent mandatory checkbox on all the forms of the website to collect information from who, when and how the consent was given

Version 1.0.6 - Added new feature for auto anonymisation of transaction data

  1. Excellent support!
    Review by Bogdan M

    Simply great and responsive support. Definitely recommend Shivani and team to others. We asked for license keys for dev domains and it was provided straight away.

    (Posted on 28/08/2018)

  2. Great module and service
    Review by John Pieterson

    Great service, we have just upgraded to the latest version of the extension and they have added privacy policy consent feature which we were thinking to buy another extension. Great value for money!

    (Posted on 30/07/2018)

  3. Great features and support
    Review by Martin Butler

    Checked quite few modules before buying this one, asked these guys dozen of questions which they answered patiently so last week I went and bought this module and I am not disappointed at all because of the number of features they have built. Their customer service is great as well because they instantly provided us development license key for our staging environment. Overrall great customer experience. Price could be cheapear so 4 stars for that :-)

    (Posted on 17/06/2018)

  4. Great add-on and service
    Review by Anthony

    We are happy with the module and especially the service, we bought this module with installation and these guys installed everything within 2 hours, excellent service!

    (Posted on 25/05/2018)




You're reviewing: Magento 2 GDPR Compliance: Anonymisation of transaction data

How do you rate this product? *

 1 star2 stars3 stars4 stars5 stars
  • © 2018 Scommerce Mage Ltd. All rights reserved. Your privacy and security are guaranteed. VAT registration number GB239 3674 77.
    Scommerce Mage Limited, Company Number 08765857, Registered in England and Wales.
    Registered Office: 39 Coresbrook Way, Knaphill, Surrey, GU21 2TR, United Kingdom.