WordPress Cookie Banner: GDPR-Compliant CMP in 3 Steps
Add a compliant cookie banner to your WordPress site with no paid plugin, no code, no friction. Native Google Consent Mode v2, France hosting, free up to 5,000 sessions/month.
- GDPR & CNIL compliant
- Hosted in France
- Google Consent Mode v2
WordPress ships no GDPR-compliant cookie banner by default
WordPress powers 43% of sites on the internet — but the core ships no GDPR-compliant CMP. Native banners from Elementor, Divi, Avada or WooCommerce all lack the symmetrical refusal, the granular purposes and the consent proof required by the CNIL (the French data protection authority) since its 2020 guidelines.
Dedicated plugins (Cookiebot, Axeptio, Complianz) work, but cost €60 to €200/year and add a heavy load-time dependency. The simplest solution: a 12 kB ConsentLab JavaScript snippet, added to <head>via a free plugin like "Insert Headers and Footers". Three steps, ten minutes, zero euro.
What ConsentLab brings to your WordPress
No paid plugin needed
One snippet in <head>. Compatible with every theme (Astra, GeneratePress, Divi, Elementor) and every page builder.
Native Google Consent Mode v2
The 4 v2 signals (ad_storage, analytics_storage, ad_user_data, ad_personalization) are emitted automatically — compatible with GA4, Google Ads, and Floodlight.
Performance without compromise
12 kB gzipped, async loading, LCP impact < 20 ms. No jQuery, no WordPress dependencies.
Timestamped consent proof
Every user choice is stored with timestamp + CMP version + purposes. Exportable as CSV in case of CNIL audit.
Install ConsentLab on WordPress in 3 steps
Total time: about 10 minutes. No technical skills required. Works on every host (OVH, o2switch, Hostinger, WP Engine, Kinsta).
Create your ConsentLab account
Sign up in 30 seconds, no credit card. Scan your site (automatic URL) to detect current cookies and pre-fill the purposes.
Install "Insert Headers and Footers"
Free WordPress plugin (300,000+ installs). In WP admin > Plugins > Add New, search for it and activate. Alternative: the WPCode plugin or your child theme.
Paste the snippet in <head>
In Settings > Insert Headers and Footers > Scripts in Header, paste the ConsentLab code. Save. Reload your site: the banner appears.
<script src="https://cdn.consentlab.eu/loader.js"
data-site-id="YOUR_SITE_ID"
async></script>Need help? Read the documentation or ask via chat.
Trusted by thousands of WordPress sites in France
of sites worldwide run on WordPress — and most have a non-compliant banner
average ConsentLab install time on an existing WordPress site
up to 5,000 sessions/month, unlimited domains, no credit card
Frequently asked questions
Do I need to buy a paid plugin to be GDPR-compliant on WordPress?
No. A JavaScript snippet added to <head> via a free plugin like 'Insert Headers and Footers' is enough. You save €60 to €200/year on premium plugins.
Are the native cookie banners from Elementor or Divi GDPR-compliant?
No. Native banners from page builders implement neither symmetrical refusal nor Google Consent Mode v2. They also lack the exportable consent proof required by the CNIL.
Should I add the snippet before or after Google tags?
Before. Consent Mode must declare a default 'denied' state to all Google tags before they load. ConsentLab handles this ordering automatically.
Is my multilingual WordPress site supported?
Yes. ConsentLab detects the page language via the <html lang> attribute. You can also force a locale via a data-locale attribute on the snippet.
Does the banner slow down my site?
The script weighs less than 12 kB gzipped and loads asynchronously. LCP impact measured at less than 20 ms in our standard WordPress benchmarks.
How do I test that everything works after installation?
Use Chrome DevTools > Application > Cookies: nothing should appear before your click. Or the CNIL's Cookiedex which scans your site and tells you exactly what's deposited.
Your WordPress GDPR-compliant cookie banner in 10 minutes
ConsentLab is the simplest CMP for French and European WordPress sites. Free up to 5,000 sessions/month, unlimited domains, hosted in France.