Keep your Borlabs banner. Add the audit and GDPR documents that prove what actually fires.
Borlabs Cookie is a self-hosted consent plugin built in Hamburg, Germany, for WordPress sites. It runs entirely inside your own WordPress install, renders a customizable consent banner, blocks scripts and embeds until consent, supports IAB TCF 2.2 and Google Consent Mode v2, and licenses by the number of sites you cover. It is one of the best-known names in the German-speaking WordPress community, and for a self-hosted WP banner it is a genuinely strong choice. CookieSentry is not that. CookieSentry does not ship a consent banner and is not a CMP. It is the independent layer that loads your live URL like a real visitor, catches every cookie and tracker that fires before consent, names the source, and generates the localized GDPR documents you hand to counsel or a DPA. The honest split: keep Borlabs as your WordPress banner, add CookieSentry to prove the banner actually holds and to produce your evidence and documents.
€300,000
Maximum cookie-specific fine per violation under Germany's section 25 TDDDG, on top of GDPR penalties
section 25 TDDDG / German Telecommunications Digital Services Data Protection Act
Apr 1, 2025
Germany's Consent Management Ordinance (EinwV) took effect, tightening recognized consent requirements
EinwV / German Consent Management Ordinance
€20M / 4%
GDPR ceiling that still applies alongside TDDDG for unlawful tracking before consent
GDPR Art. 83
1 install
Borlabs runs inside your own WordPress, so updates, scanning gaps and liability sit with you
borlabs.io product documentation
Borlabs lives inside WordPress and reasons about WordPress plugins, themes and embeds. CookieSentry loads your live URL from the outside like an ordinary visitor, so it sees what genuinely fires in the browser regardless of how the page is built. That outside-in view catches trackers injected by tag managers, third-party scripts, marketing snippets and CDN-served code that a plugin sitting in the same runtime can miss.
A banner plugin reports the categories you configured. CookieSentry produces an independent, timestamped record of which cookies and trackers actually fired before consent, naming each source, as a shareable indexable report plus a downloadable PDF. That is the difference between a setting that says blocking is on and proof you can hand to a privacy team, an agency or a regulator.
Borlabs handles the consent UI; it does not draft your privacy and cookie documents. CookieSentry generates GDPR documents localized to the rules that actually apply, with national-law overlays for Germany's section 25 TDDDG plus Poland, Denmark, Sweden and pan-EU ePrivacy, so your paperwork matches the jurisdiction enforcing it rather than a generic GDPR baseline.
Borlabs Cookie's biggest strength is also where the burden lands on you. Because it is a self-hosted WordPress plugin running inside your own install, every update, every compatibility issue with a new theme or caching plugin, and every gap between what the banner thinks it blocks and what the browser actually loads is yours to find and fix. The plugin's own scanner inspects your WordPress installation and recommends packages, but it reasons from inside the same runtime it is trying to police.
CookieSentry takes the opposite vantage point. It requests your live page the way a real visitor's browser does and records what fires before any consent is given. That outside-in scan does not depend on which WordPress version, theme or plugins you run, and it does not assume the banner did its job. It checks. When a marketing tag, an A/B testing snippet or an embed slips a cookie before the dialog is answered, CookieSentry names it. Keeping Borlabs as your banner and adding CookieSentry closes the loop between configured and actual.
German enforcement is among the most concrete in the EU. Section 25 TDDDG implements ePrivacy Art. 5(3) and requires consent before non-essential cookies are set, cookie-specific fines can reach €300,000 per violation, and the Consent Management Ordinance (EinwV) that took effect on 1 April 2025 raised the bar for recognized consent. A banner that is correctly configured is a control measure, but if a regulator or a client asks what fired before consent on a given date, the configuration screen is not the answer they want.
CookieSentry exists to be that answer. The shareable report and downloadable PDF give you a dated, source-named record of pre-consent behavior that you can attach to a record of processing, send to counsel, or show an agency client. Borlabs decides what the visitor sees and consents to; CookieSentry documents whether that decision was actually honored in the browser. The two are complementary, not competing.
This is not a rip-and-replace. If you use Borlabs for the WordPress consent dialog, keep it. The consent UI, the script and content blockers, TCF 2.2 and Consent Mode v2 integration stay exactly where they are. CookieSentry does not display, host or manage a banner and never will.
What changes is that you stop relying on the banner to also be your evidence and your legal paperwork. CookieSentry runs the independent pre-consent scan, produces the exportable PDF and the public compliance badge, monitors on paid tiers, and generates the localized GDPR documents with German and pan-EU overlays. If a team had been leaning on Borlabs' built-in scanner as their audit trail, that is the half CookieSentry replaces, with an external, verifiable scan that does not live inside the site it is checking.
Silence, pre-ticked boxes or inactivity should not therefore constitute consent.
| Capability | CookieSentry | Borlabs Cookie |
|---|---|---|
| Consent banner / CMPBorlabs renders and manages the WordPress consent banner; CookieSentry does not offer a banner. | ||
| IAB TCF supportBorlabs supports IAB TCF 2.2; CookieSentry is not a CMP and does not implement TCF. | ||
| Automatic pre-consent cookie scanningBorlabs scans your WordPress install from inside; CookieSentry scans any live URL from the outside as a visitor. | ||
| Free public scan (no signup)CookieSentry offers an instant public scan with no account required. | ||
| GDPR document generationBorlabs handles the consent UI, not policy/document drafting. | ||
| Exportable audit evidence (PDF)CookieSentry produces a shareable report plus downloadable PDF for counsel or DPAs. | ||
| National-law overlaysCookieSentry maps to section 25 TDDDG, PL, DK, SE and pan-EU ePrivacy; Borlabs targets GDPR/ePrivacy generally. | ||
| Works beyond WordPressBorlabs is a WordPress-only plugin; CookieSentry audits any stack. | ||
| Deployment modelBorlabs runs in your WordPress; updates and gaps are yours to manage. | Cloud SaaS, no install | Self-hosted WP plugin |
| Pricing modelBorlabs licenses by number of sites; CookieSentry does not scale by subpage count. | Flat, predictable | Per-site annual license |
Borlabs runs inside your WordPress install, so plugin updates, theme conflicts and any drift between configured and actual blocking are your responsibility to detect. CookieSentry's external scan checks what really fires, independent of your WP version or plugins.
section 25 TDDDG implements ePrivacy Art. 5(3) and requires consent before non-essential cookies. Cookie-specific fines can reach €300,000 per violation, and the EinwV Consent Management Ordinance took effect on 1 April 2025.
Borlabs' configuration shows intended behavior. CookieSentry produces a dated, source-named record of what actually fired before consent, exportable as a PDF you can hand to a privacy team, agency client or regulator.
Borlabs Cookie is best for WordPress-first teams that want a self-hosted, privacy-respecting consent banner with deep WP integration. Its script and content blocking, geo-restriction, multilingual banner, IAB TCF 2.2 and Google Consent Mode v2 support, and the fact that no visitor data leaves your own server make it a strong fit for German and EU WordPress sites that want to own their consent UI. That banner and CMP capability is a real strength CookieSentry does not offer at all. If you run on WordPress and need the consent dialog itself, Borlabs is a sensible pick and there is no reason to remove it. CookieSentry sits next to it, not in place of it.
Borlabs licenses by the number of websites, with tiers stepping up from a single site to dozens, renewed annually. That is reasonable for WordPress agencies but means cost and license tracking grow with your site count. CookieSentry is priced flat and predictable and does not scale by the number of subpages you scan, so a deep audit of a large site costs the same to run as a small one. Because the two tools do different jobs, this is not strictly head-to-head: you may keep paying for Borlabs as your banner while CookieSentry covers audit and documents.
There is nothing to rip out. Keep Borlabs Cookie as your WordPress consent banner; CookieSentry does not provide a banner and is not a CMP. Add CookieSentry alongside it: run the external pre-consent scan to verify what actually fires in the browser, export the timestamped PDF evidence, and generate your localized GDPR documents with German section 25 TDDDG and pan-EU overlays. If you had been using Borlabs' built-in scanner as your only audit trail, CookieSentry replaces that half with an independent, outside-in scan, while Borlabs keeps doing the consent UI it does well. Never swap your consent script to CookieSentry.
No. CookieSentry does not offer a consent banner and is not a CMP. Keep Borlabs for the WordPress consent UI. CookieSentry adds the independent pre-consent scan, exportable evidence and localized GDPR documents.
Borlabs scans your WordPress install from the inside. CookieSentry loads your live URL from the outside like a real visitor, so it catches trackers injected by tag managers, embeds and third-party scripts regardless of your WP setup, and produces a dated, source-named PDF you can hand to counsel or a regulator.
Yes. Borlabs is WordPress-only, but CookieSentry audits any stack because it scans the live URL in the browser. The same audit and document workflow applies whatever your site is built on.
Yes. CookieSentry's checks and generated documents use national-law overlays mapped to Germany's section 25 TDDDG, plus Poland, Denmark, Sweden and pan-EU ePrivacy, rather than a generic GDPR baseline.
Weighing more than one option? See how CookieSentry stacks up against the other consent tools on the market.
Run a free CookieSentry scan on your live pages, catch early-firing cookies, and export evidence your privacy team or agency can act on — no signup required.
Run a free scan →Comparison last reviewed 2026-06-14. Borlabs Cookie is a trademark of its respective owner; competitor details are described in good faith and may change over time.