J2Commerce 6.3 (native Joomla 6) is available!
Logo to visit J2Commerce homepage
J2Commerce
GDPR
Free
$0.00

Don't Be The Idiot Who Gets Fined

Real consent. Real deletion. Real audit log. Real protection. Your Joomla J2Commerce ecommerce store, finally not a regulator's chew toy.

€20M
Or 4% of revenue. Whichever is higher.
19
Languages your consent gate speaks fluently
10
Minutes from install to compliance

You Think GDPR Doesn't Apply To You

Cute. Wrong, but cute. GDPR applies the moment ONE shopper from the EU lands on your Joomla checkout. One Berlin customer. One Dublin browser. One holidaymaker from Rome who bought a coffee mug while drunk. Doesn't matter where your store is hosted, doesn't matter how small you think you are, doesn't matter how many years you've been “getting away with it.”

You're one annoyed shopper away from being the cautionary tale.

Stop Being The Cautionary Tale

Every feature is built around one idea: when the regulator asks “show me,” you have something to show.

Checkout Consent Gate

The cart literally won't submit until the customer ticks the consent box. No more “they never agreed” disputes. No more “your honor, we MEANT well.”

J2Commerce 6
One-Click Customer Data Wipe

Customer wants to be forgotten? They press the button on their My Profile page. You don't have to do a thing. The right gets exercised in 30 seconds.

J2Commerce 6
Activity Audit Log

Every edit. Every delete. Every formal request. Timestamped, attributed, kept. When the regulator says “show me,” you show them.

J2Commerce 6
Admin Email Alerts

The second a customer edits or deletes anything, you know. No surprises. No “I never knew.” The regulator hates “I never knew.”

J2Commerce 6
Customer Receipt Emails

They get a confirmation of their own change. They feel respected. They don't email the regulator. Bonus.

J2Commerce 6
Custom GDPR Request Tab

Adds a dedicated tab where customers can submit “send me my data” / “delete my account” / “stop emailing me” requests. Logged. Timestamped. Permanent.

J2Commerce 6
IP-Address Scrubbing

One toggle. Customer IPs never hit your cart or order records. Maximum-privacy mode for the paranoid customer (and the paranoid store owner).

J2Commerce 6
Reuse Your Existing Privacy Article

One click, the plugin pulls your existing Joomla article into the checkout. No copy-paste. No duplication. No version drift. No lawyer asking why two versions disagree.

J2Commerce 6
19 Languages, Out Of The Box

Your German shopper sees the consent box in German. Your French shopper sees it in French. Consent in a foreign language isn't legally valid — we fixed that for you.

J2Commerce 6

Stores Already Saving Themselves

Sells handmade jewelry from a small studio in Portland. 60% of customers are American, 40% are European tourists who fell in love with a necklace on vacation. Used to think GDPR was for Amazon-sized stores. Got a complaint via the Irish DPC after one Dublin shopper got ignored. Spent three weeks of evenings panic-Googling. Now: consent gate at checkout, address audit log, “delete all my data” button on the customer profile. New complaints in the year since installing? Zero. New ulcers? Zero.

Sells industrial cleaning supplies to companies across the EU. Every B2B buyer's procurement officer demands documented privacy compliance before approving the first PO. Used to manually pull together evidence per request — three hours each, every quarter. Now: turns on the activity log + admin alerts + GDPR request tab. Procurement can self-serve their evidence. New deals close in days, not weeks.

Sells design templates worldwide. Privacy-conscious customer base, half of whom email asking “do you store my IP address?” Used to answer “uh, yes, in the order log.” Used to lose 1 in 10 of those customers. Now: flips the IP-scrubbing toggle. Customer IPs never hit the cart or order records. Pre-sale “are you privacy-respecting?” emails get answered with one word: yes. Conversion rate up. Refund rate down.

Bakery supplies store, Berlin warehouse, customers from Germany, Austria, the Netherlands, and France. Used a generic English-only privacy banner and prayed. German customers complained that consent in a foreign language isn't valid consent. They were right. Now: the consent box renders in German for German visitors, Dutch for Dutch, French for French, all from the bundled language pack. Complaints stopped. Conversion improved. Customers stopped feeling like an afterthought.

Install It. Sleep Better. The End.

You can spend the next year telling yourself GDPR is somebody else's problem and praying you never make a regulator's inbox. Or you can install this plugin, flip ten switches, and stop being the cautionary tale.

Translated In The Following Languages

Arabic Unitag (ar-AA), Chinese, Traditional (zh-TW), Danish (da-DK), Dutch (nl-NL), English (en-GB), English, USA (en-US), Finnish (fi-FI), French (fr-FR), German (de-DE), Greek (el-GR), Hebrew (he-IL), Italian (it-IT), Japanese (ja-JP), Norwegian Bokmål (nb-NO), Persian Farsi (fa-IR), Polish (pl-PL), Portuguese, Brazil (pt-BR), Portuguese, Portugal (pt-PT), Russian (ru-RU), Spanish (es-ES), Swedish (sv-SE), Turkish (tr-TR)

  • Developer J2Commerce
  • Extension Type Apps
  • J2Commerce Version 4.x, 6.x
  • Joomla Version 4.x, 5.x, 6.x
Language Translations
Arabic UnitagArabic Unitag
Chinese, TraditionalChinese, Traditional
DanishDanish
DutchDutch
EnglishEnglish
English, USAEnglish, USA
FinnishFinnish
FrenchFrench
GermanGerman
GreekGreek
HebrewHebrew
ItalianItalian
JapaneseJapanese
Norwegian BokmålNorwegian Bokmål
Persian FarsiPersian Farsi
PolishPolish
Portuguese, BrazilPortuguese, Brazil
Portuguese, PortugalPortuguese, Portugal
RussianRussian
SpanishSpanish
SwedishSwedish
TurkishTurkish

User Guide (Version 4)

User Guide (Version 6)

New Feature Add customer "Delete All My Addresses" self-service button (GDPR erasure)

New Feature Add customer "Delete My Address Data From All Orders" button (anonymises order PII)

Fix Fix My Profile "Send Request" failing with a generic error (migrate to com_ajax)

Fix Fix GDPR Activity Log toolbar button + Help link not appearing in Plugin Manager

Fix Fix Activity Log "Clear All" deleting nothing (HTML-escaped URL in JS string)

Fix Fix terms checkbox not blocking the checkout Continue button

New Feature Render all injected buttons via framework templates (Bootstrap 5 + UIkit 3)

New Feature Add "Show Delete Order Addresses Button" parameter toggle

Improvement Translate the full UI into 18 additional languages

Improvement Title Case all plugin parameter labels

Improvement Add a distinct activity-log audit entry for order-data erasure

Improvement Convert toolbar/help wiring to the proven event-hook pattern

Fix Display terms at logged-in billing step

New Feature J2Commerce v6 and Joomla 6 support

Update J2Store v4 and Joomla v4 support plugin

Improvement Image integration with new app store

Additional terms and conditions link

The extension adds a GDPR Consent and Privacy Policy link at the checkout (Like the terms and conditions). You can use this to take the consent of a EU customer to store his personal data (that is, the address data).

Additional terms and conditions link
One click delete address button

One click delete address button

The most exhausting thing about GDPR isn't the law — it's the inbox. “Hi, please delete my account.” “Hello, can you remove my address?” “Hey, I want my data exported.” It never ends.

Now there's a button on the customer's My Profile page. They press it, their stored addresses and order data get wiped, the action gets logged for your compliance file, and an alert lands in your inbox saying “Sarah just exercised her right to be forgotten.”

  • Sarah didn't have to email you
  • Sarah didn't have to email the regulator either
  • You didn't have to do anything but be smart enough to install the plugin

Custom request form

A form would be displayed at the My Profile page, through which users could place a request to the store admin to delete their information stored on the site.

Custom request form
The Audit Log That Saves Your Bacon

The Audit Log That Saves Your Bacon

A data subject access request arrives. The shopper claims you never honored their deletion. You claim you did. Without a log, that's their word against yours — and in GDPR-land, their word wins by default.

With this plugin, every change is timestamped and attributed. Filter by address changes, order activity, or formal GDPR requests. Clear all of one type with a click or delete entries one-by-one. Your compliance binder, built in.

  • Stores with records walk away from complaints
  • Stores without records pay fines
  • Be the first kind

The Consent Gate Customers Can't Skip

Most stores treat consent as an afterthought — a tiny grey footer link nobody reads. That works right up until the day it doesn't, which is the day a regulator asks “show me the consent record for this order.”

This plugin parks the consent moment exactly where it belongs: on the checkout page, before the customer can press Pay.

  • Required checkbox mode for legal certainty
  • Link-display mode for “must read” soft consent
  • Configurable label, prefix, suffix, and warning message
  • Per-audience toggles — show to guests, registered shoppers, or both
The Consent Gate Customers Can't Skip
Customize the validation message and GDPR link text

Customize the validation message and GDPR link text

If you wish to change the text of the validation message or the GDPR link text, it is possible by creating overrides for the language constants available at the app's settings.

You may also be interested in these products

European VAT

European VAT

$0.00
View Details
PDF Invoice

PDF Invoice

$19.00
View Details
Price Text

Price Text

$19.00
View Details
Gift Wrapping

Gift Wrapping

$19.00
View Details

Stay Updated

Subscribe for free and be the first to know about the latest features, updates, and new additions.