About DPOKit
Privacy compliance beyond cookie banners — built for WordPress.
Our mission
Most privacy compliance tools stop at the cookie banner. We built DPOKit because businesses processing EU and UK personal data face real regulatory exposure that a banner alone cannot address.
DPOKit moves privacy compliance into daily operations — mapping where data goes, automating DSAR responses, enforcing retention policies, and generating the audit-ready records that regulators actually ask for.
What we build
DPOKit is a WordPress plugin designed for businesses that take data protection seriously. It covers the four operational pillars of a credible privacy programme:
- Data mapping. Automated scanning detects third-party scripts, cookies, and tracking endpoints across your site and builds a living Record of Processing Activities (ROPA) — updated continuously, exportable for legal review.
- Consent management. Category-based script blocking, a WCAG 2.1 AA-compliant consent banner, and full Google Tag Manager Consent Mode v2 integration — all with a tamper-evident consent log.
- DSAR workflows. An embeddable intake form, automated data collection across WordPress, WooCommerce, and major form plugins, and a case management interface that tracks statutory deadlines from receipt to resolution.
- Retention enforcement. Configurable policies per data category, legal hold overrides, and scheduled background jobs that anonymise or delete data — with an immutable audit log of every action taken.
Compliance scope
DPOKit is scoped to three primary frameworks: GDPR (EU), UK GDPR, and CCPA/CPRA. All generated legal text — privacy notices, ROPA exports, deletion confirmations — is clearly marked as a draft requiring review by a qualified lawyer. DPOKit does not provide legal advice.
Get in touch
Questions about DPOKit, licensing, or data processing? Visit our contact page or email us at hello@dpokit.com.
For privacy-related enquiries, contact our data protection team at privacy@dpokit.com.