外掛標籤
開發者團隊
② 後台搜尋「CookieLex Cookie Consent & Privacy Compliance」→ 直接安裝(推薦)
原文外掛簡介
CookieLex is a consent management platform for websites that need a configurable cookie banner and related privacy tools.
This plugin connects a WordPress site to a CookieLex account or CookieLex site key. After the site is connected, the plugin loads the CookieLex CMP script on public WordPress pages so the CookieLex banner can display and use the banner configuration from your CookieLex dashboard.
Depending on your CookieLex account and site configuration, CookieLex can help you manage consent choices, cookie categories, consent logging, cookie scanning, and privacy or cookie policy tools. Configuration is managed in CookieLex, not primarily inside WordPress.
Website owners remain responsible for configuring CookieLex appropriately for their site, jurisdiction, installed scripts, policies, and legal obligations. This plugin and the CookieLex service can support privacy compliance workflows, but they do not guarantee compliance with GDPR, ePrivacy, CCPA/CPRA, or any other law.
External services
This plugin connects to CookieLex services so it can connect your WordPress site to CookieLex, load the hosted consent banner, and synchronize the site connection.
This service is provided by CookieLex.
Website: https://cookielex.com/
Terms and conditions: https://app.cookielex.com/terms-and-conditions
Privacy policy: https://app.cookielex.com/privacy-policy
Production service domain used by the plugin: https://app.cookielex.com/
The plugin makes these external requests:
When an administrator clicks “Connect to CookieLex”, WordPress redirects the administrator to https://app.cookielex.com/integrations/wordpress/connect.
The connect request includes the WordPress callback URL, site URL, a temporary state value, plugin version, and WordPress version.
When CookieLex redirects back to WordPress with a connection token, the plugin sends that token to https://app.cookielex.com/api/integrations/wordpress/exchange.
After a successful connection, the plugin stores a heartbeat token in the WordPress option cookielexccpc_heartbeat_token and sends a daily WP-Cron heartbeat to https://app.cookielex.com/api/integrations/wordpress/heartbeat.
When a site key is saved or returned by the connection flow, the public site loads the CookieLex CMP script from the configured embed URL. By default this is https://app.cookielex.com/cmp/embed/{site_key}.
Data sent to CookieLex by this plugin may include:
Site key.
Site URL or domain.
WordPress version.
Plugin version.
Temporary connection state and connection token during the administrator connect flow.
Heartbeat token during the daily heartbeat request. The token is sent in a POST JSON request body and is used only to authenticate the plugin installation status.
Connection metadata returned by CookieLex, such as embed URL, dashboard URL, domain, and connection time, which is stored in the WordPress option cookielexccpc_settings.
Daily heartbeat metadata, including site key, plugin version, WordPress version, and site/domain information. This is used to show whether the WordPress plugin is actively installed and recently seen in CookieLex.
The frontend CookieLex CMP script is loaded by visitors’ browsers from CookieLex servers. That browser request includes normal web request data, such as IP address and user agent, as part of the request to CookieLex. The CMP script may process visitor consent choices according to your CookieLex account and banner configuration.
This plugin does not send raw WordPress administrator passwords to CookieLex. The WordPress admin screen masks the stored site key and does not print raw connection or heartbeat tokens.
CookieLex provides this service under its terms and conditions at https://app.cookielex.com/terms-and-conditions and privacy policy at https://app.cookielex.com/privacy-policy.
Data storage
The plugin stores only the integration settings needed to connect WordPress to CookieLex.
Data stored in WordPress options may include:
cookielexccpc_settings: site key, embed URL, dashboard URL, connected domain, connection time, heartbeat URL, and last heartbeat time.
cookielexccpc_heartbeat_token: heartbeat token returned by CookieLex after the site is connected.
The plugin also stores a temporary connection state in the transient cookielexccpc_connect_state during the administrator connect flow. This transient expires after 10 minutes.
When the site is disconnected from the CookieLex admin page, the plugin removes the stored CookieLex settings, heartbeat token, and scheduled heartbeat event. When the plugin is uninstalled, uninstall.php removes the same stored options, scheduled event, and temporary connection transient.
