Keep your Complianz banner. Add the independent audit that proves what actually fires before consent.
Complianz is a Dutch WordPress and WooCommerce consent plugin built by Really Simple Plugins (Groningen, now part of team.blue), live since 2018 and installed on roughly a million sites. It is a self-hosted CMP: a registered IAB TCF v2.0 vendor (CMP ID 332) with Google CMP certification, a guided banner, and a built-in scanner that populates its own cookie policy. As a plugin, it runs inside your WordPress install, which means you own its updates, its scanning coverage and the liability if it drifts. CookieSentry takes a different job entirely. It is not a consent banner and not a CMP, so it does not replace Complianz on your site. Instead it is an independent, stack-agnostic audit layer that loads your live URL like a real visitor, flags every cookie and tracker that fires before consent and names its source, then generates localized GDPR documents you can hand to a privacy team or counsel.
~1,000,000
WordPress sites running Complianz, per its own marketing
complianz.io
€600,000
Dutch AP fine to A.S. Watson (Kruidvat) in 2024 for tracking cookies set before banner interaction
autoriteitpersoonsgegevens.nl
€40,000
Dutch AP fine to Coolblue for processing data via cookies without valid consent
autoriteitpersoonsgegevens.nl
~500 / yr
Warning letters the Dutch AP targets under its dedicated cookie-enforcement budget since 2024
autoriteitpersoonsgegevens.nl
Complianz's scanner feeds its own cookie policy, so the tool that sets the banner is also the tool that grades it. CookieSentry is a separate party: it loads your live site like a visitor and records what fires before any consent is given, producing evidence a regulator or counsel will treat as independent rather than self-attested.
A plugin only sees what runs inside WordPress. CookieSentry scans the rendered page, so it catches tags injected by Google Tag Manager, embedded checkouts, marketing snippets, subdomains and non-WordPress properties the plugin never inspects. One audit covers your whole estate, not just the CMS.
Beyond a generic policy, CookieSentry generates GDPR documents localized to the rules that actually apply, including Germany's section 25 TDDDG plus Poland, Denmark, Sweden and pan-EU ePrivacy, and produces a shareable indexable report and a downloadable PDF you can attach to a DPA response or hand to an agency.
Complianz lives inside your WordPress install. That is convenient, and it is also the catch: every banner fix, every scanner improvement and every new national rule arrives as a plugin update that someone on your side has to apply, test against your theme and other plugins, and trust. When an update lags, a caching layer interferes, or a third-party plugin injects a tag the scanner did not see, the gap is yours, not the vendor's. The Dutch AP does not accept 'the plugin should have caught it' as a defence.
Because the scanner that informs the banner is the same product that renders it, you are effectively asking one tool to mark its own homework. That is fine for setup, but it is not evidence. CookieSentry sits outside the WordPress install and outside Complianz, so what it reports is independent of whatever the plugin believes it is blocking.
A configured Complianz banner shows intent: you asked for consent. It does not, by itself, prove that nothing tracked the visitor before they clicked. The two recent Dutch cases turn on exactly that gap. Coolblue was fined €40,000 after the AP found visitors were treated as having consented simply by using the site, with pre-ticked permissions; A.S. Watson, owner of Kruidvat, was fined €600,000 in 2024 because tracking cookies were placed before the visitor had interacted with the banner at all.
CookieSentry exists to close that evidentiary gap. It loads your live URL with no prior consent, captures every cookie and tracker that fires in that pre-consent window, and names the source so you can see whether a GTM container, an embed or a stray script is firing ahead of your Complianz banner. That is the artefact you want on file before the AP sends one of its roughly 500 annual warning letters, not after.
This is not a rip-and-replace. Complianz is good at the consent UI, especially on WordPress and WooCommerce, and if you need TCF for ad inventory it is a registered vendor and CookieSentry is not. Leave it in place. What you add is the layer Complianz cannot honestly provide for itself: independent verification of pre-consent behaviour across your entire stack, plus GDPR documents mapped to the specific national overlays your audience lives under.
If your team was leaning on Complianz mainly for its built-in scanner and its auto-generated policy, that is the half CookieSentry replaces, with broader coverage and an exportable evidence trail. Pricing is flat and predictable and does not scale by the number of subpages you crawl, so a thorough audit does not get more expensive as your site grows.
Consent is not validly constituted if the storage of information, or access to information already stored in a website user's terminal equipment, is permitted by way of a pre-checked checkbox which that user must deselect to refuse his or her consent.
| Capability | CookieSentry | Complianz |
|---|---|---|
| Consent banner / CMPComplianz is a self-hosted WordPress CMP; CookieSentry does not render or manage a banner. | ||
| IAB TCF supportComplianz is a registered TCF v2.0 vendor (CMP ID 332); CookieSentry is not a CMP. | ||
| Automatic pre-consent cookie scanningComplianz scans within WordPress to build its policy; CookieSentry independently audits what fires before consent across any stack. | ||
| Free public scan (no signup)CookieSentry offers a public scan with no account; Complianz scanning runs inside the installed plugin. | ||
| GDPR document generationBoth generate documents; CookieSentry maps them to national overlays. | ||
| Exportable audit evidence (PDF)CookieSentry produces a shareable report and downloadable PDF as independent evidence. | ||
| National-law overlaysCookieSentry maps to TDDDG, PL, DK, SE and pan-EU ePrivacy; Complianz covers multiple legal regions via region presets. | ||
| Platform coverageComplianz is CMS-native; CookieSentry audits the rendered page on any platform. | Any stack (stack-agnostic) | WordPress / WooCommerce / Shopify plugin |
| Pricing modelComplianz tiers are sold by site-license count; CookieSentry pricing does not scale by subpage count. | Flat, not per subpage | Annual, tiered by number of site licenses |
Complianz is built in Groningen by Really Simple Plugins BV (acquired by team.blue). Its home regulator, the Autoriteit Persoonsgegevens, has run a dedicated cookie-enforcement programme since 2024 and recently fined A.S. Watson €600,000 for cookies set before banner interaction.
As a WordPress plugin, Complianz inspects what runs inside WordPress. Tags injected by Google Tag Manager, third-party embeds, checkouts and non-WordPress subdomains can fire outside its view. CookieSentry scans the rendered page, so those sources show up.
Self-hosted means you apply, test and trust each plugin update. If an update lags or conflicts with your theme or cache, the compliance gap is yours. An independent CookieSentry audit catches drift the plugin did not.
Complianz is the stronger choice when your priority is the consent UI itself on a WordPress or WooCommerce site. It is a genuine CMP that CookieSentry does not try to be: it renders and manages the banner, is a registered IAB TCF v2.0 vendor (CMP ID 332) with Google CMP certification, supports multiple legal regions, and on premium tiers adds A/B testing and consent statistics. If you run programmatic ad inventory that requires a TCF string, or you want a single WordPress plugin that both shows the banner and writes a starter cookie policy from its own scan, Complianz does that job natively and CookieSentry simply does not. Keep it for the banner. That is exactly the layer we recommend you do not rip out.
Complianz is sold as an annual subscription tiered by the number of site licenses, with premium features such as A/B testing and consent statistics on higher plans. CookieSentry uses flat, predictable pricing that does not scale by the number of subpages you crawl, so auditing a large site does not cost more than auditing a small one. The two are complementary rather than substitutes: you can keep your Complianz license for the banner and add CookieSentry for independent audit and document generation. (We never quote competitor prices here; check complianz.io for current figures.)
You do not swap your consent script. Keep Complianz running as your WordPress consent banner, including its TCF support if you rely on it for ad inventory. Add CookieSentry alongside it as the independent layer that loads your live site without consent, proves exactly what fires before the banner is answered across your whole stack, and generates GDPR documents localized to the national rules you fall under. If you were using Complianz mainly for its built-in scanner and auto-generated cookie policy, CookieSentry can take over that half with broader, stack-agnostic coverage and an exportable evidence trail, while the banner stays exactly where it is.
No. Complianz is a consent banner and CMP; CookieSentry is not. We recommend keeping Complianz for the banner and adding CookieSentry as an independent audit and GDPR-document layer. If you used Complianz mainly for its scanner and auto-generated policy, CookieSentry can replace that half.
No. CookieSentry does not render a consent banner and is not an IAB TCF vendor. That is intentional. Complianz is a registered TCF v2.0 vendor (CMP ID 332) with Google CMP certification, so keep it for the consent UI and TCF string if you need them.
Complianz scans inside WordPress to populate its own policy, so the tool that sets the banner also grades it. CookieSentry is independent and stack-agnostic: it audits what fires before consent across GTM, embeds, subdomains and non-WordPress pages, and produces exportable evidence.
Yes. CookieSentry scans the rendered live page, so it works on any stack, not just WordPress. Complianz is a WordPress, WooCommerce and Shopify plugin, whereas CookieSentry audits whatever your visitors actually load.
Weighing more than one option? See how CookieSentry stacks up against the other consent tools on the market.
Run a free CookieSentry scan on your live pages, catch early-firing cookies, and export evidence your privacy team or agency can act on — no signup required.
Run a free scan →Comparison last reviewed 2026-06-14. Complianz is a trademark of its respective owner; competitor details are described in good faith and may change over time.