Mirasvit GDPR Magento 2 Extension

- E-Commerce, Magento 2

Today, we are describing a new solution developed by Mirasvit that helps e-commerce merchants to comply with the GDPR and CCPA (California Consumer Privacy Act) regulations. With the tools offered by the Mirasvit GDPR extension, you can be sure that your business operates in line with the GDPR requirements. By installing the Magento 2 module, you will also be able to collect and process customers’ personal data as it is required by the EU legislation. Below, we highlight the main features of the GDPR Magento 2 extension and explore its functionality from the admin and customer perspective.

Download / Buy Mirasvit GDPR Magento 2 Extension


  • Ability to set up a privacy policy compliant with the GDPR and CCPA regulations;
  • Customizable cookie consent bar with the link to the privacy policy;
  • Ensured right for customers for personal data download and removal;
  • Option to anonymize user details;
  • Dedicated grids for customers’ consents and requests management;
  • Additional functions in the customer account area related to data access and removal.

The Mirasvit GDPR module is aimed at merchants who operate their business in the EU region or have clients from this area. Besides, the extension provides appropriate functionality for complying with the requirements of the CCPA that covers residents and businesses in California. GDPR introduces the right for customers to have access to their personal data stored on a website, as well as delete it. Mirasvit’s GDPR solution provides the necessary tools for adjusting your privacy policy and managing customers’ requests in a legitimate way.

According to the GDPR regulations, it is required to provide online shoppers with the ability to give consent for the processing of their personal details. After installing the Mirasvit GDPR extension, you can add a configurable cookie policy bar to your store pages. The message displayed in the popup window can be customized. You can also insert a link leading users to a separate page with a detailed explanation of your privacy policy. Besides, you can add a checkbox to the registration, contact, and subscription forms, as well as the checkout page that will let customers agree to the privacy policy in one click. This way, you can ensure your website visitors that their personal data is processed safely on your store.

Furthermore, the Magento 2 GDPR module enables customers to send requests for getting a copy of their data stored on a web store. Besides, registered customers can ask to anonymize their personal details, which will turn a user’s first and last names, email address, phone number, date of birth, and address information into an anonymized text. Also, there is the possibility to permanently delete customers’ accounts created on your store with all related data.

The Mirasvit GDPR extension for Magento 2 provides store managers with convenient management of customers’ consents and requests. Consents to the data processing are gathered on a separate grid that allows admins to quickly check which customers agreed to your privacy policy and from which page of your store.

As for the management of the requests, all of them can be accessed from one place in the Magento backend. The module classifies requests by their type and allows admin to track their statuses on the grid. After a customer submits a request to copy, anonymize, or erase their data, a store admin decides whether to approve or decline it.

As for the user experience on the frontend, your clients get extended functionality in their account area, allowing them to download their personal details and submit requests to anonymize stored info or completely erase their accounts.


All consents given by customers for the usage of their data are gathered on a grid under Customers -> GDPR -> Customers’ Consents. The grid shows the following details:

  • an ID assigned to each consent;
  • date and time when consent was provided;
  • IP address;
  • a customer’s name;
  • consent type: Cookies, Registration Form, Contact Us Form, Subscription Form, or Checkout Form;
  • status (Allowed).

As for the delete, anonymization, and data provision requests, you can track them on a separate grid under Customers -> GDPR -> Customers’ Requests. The grid includes the following columns:

  • ID;
  • Date;
  • Customer;
  • Request type: Provide User Data, Anonymize User Data, or Remove User Data;
  • Status: Pending, Rejected, or Completed;
  • Action.

While a request is in the pending mode, an admin can approve or deny it. The appropriate options are displayed in the Actions menu drop-down. Note that these actions are irreversible. 

If a user’s data is not removed, you can navigate to the customer information page by clicking on a customer’s name in the corresponding column of the requests grid. If a customer’s request for anonymizing personal details was approved, such data as billing and shipping addresses, name, tax/VAT number will not be visible to the admin.

Now, let’s have a look at the general settings of the Mirasvit Magento 2 GDPR extension. The configuration page is divided into 6 tabs: General Settings; Cookie Consent Bar; Form’ Consent Checkbox; Download Personal Data; Anonymize Personal Data; and Remove Personal Data and Account. In the first tab, you enable/disable the module’s functionality.

Next, you decide whether to show the cookie policy bar on your storefront and choose its behavior – with or without a lock screen. Here, you can also type in the text that will be displayed in the cookie consent popup window.

In Form’ Consent Checkbox, you decide where to show the privacy policy consent checkbox. The available options here are: Registration Form, Subscription Form, Contact Us Form, and Checkout Form. Here, you also specify the text that will be placed next to the checkbox. 

In the following tabs of the Magento 2 GDPR extension’s configuration, you decide whether to allow customers to submit requests for downloading and anonymizing their personal data, as well as deleting their details and account.

Next, we want to show you which functionality the GDPR Magento 2 module by Mirasvit adds on the frontend.


Below, you can see how the cookie consent bar appears on the frontend.

As we’ve mentioned above, you can add the privacy policy checkbox to the registration, newsletter subscription, and contact us forms. In the image below, the new customer account form includes the appropriate checkbox. 

With the Mirasvit GDPR extension, customers also get the possibility to accept the privacy policy on the checkout page.

After clicking the Privacy Policy link in the cookie bar text or the text displayed next to the checkbox, a user will be redirected to the page with a description of the cookie policy.   

The Mirasvit GDPR extension adds new functions in the Account Information tab of the customers’ profiles. Users get the ability to download their info, submit requests for anonymizing their personal details, and request to remove their accounts with all stored data. Note that customers can’t send requests for data anonymization if they have pending orders.

Final Words

The Magento 2 GDPR extension by Mirasvit is a must-have solution for merchants who need to make their business compliant with the GDPR and CCPA regulations. With the module, you get all the necessary tools for fine-tuning your privacy policy in line with the legislation requirements and ensuring customers’ right to access and manage their personal details. The Magento 2 extension has a user-friendly admin interface and adds relevant functionality on the storefront. This way, you can provide your store admins with straightforward management in the backend and increase customer loyalty and trust to your business. As for the price, you can buy the Mirasvit GDPR Magento 2 extension for $149.

Download / Buy Mirasvit GDPR Magento 2 Extension