# Checklist — TOP 11 WordPress compliance plugins 2026

**Article:** https://volade.com/en/blog/top-11-wordpress-compliance-plugins-2026

## Phase 1 — Mapping (D-14)

- [ ] List obligations: GDPR, cookies, Factur-X B2B, AI Act Article 50, DAC7 marketplace
- [ ] Inventory active plugins (PUD audit recommended)
- [ ] Note deadlines: Aug 2026 AI Act, Sept 2026 Factur-X reception, Jan 2027 issuance
- [ ] Assign internal owner + DPO/counsel contact if needed

## Phase 2 — GDPR & cookies

- [ ] Active CMP (Complianz, Cookiebot…) — single banner only
- [ ] Processing register up to date
- [ ] Google Fonts: self-host or documented consent
- [ ] Forms: legal basis + retention period

## Phase 3 — B2B e-invoicing

- [ ] WooCommerce B2B: SIRET/VAT on pro customers
- [ ] Factur-X plugin tested on staging
- [ ] PDP export / XML archive validated
- [ ] Credit notes workflow

## Phase 4 — AI Act transparency

- [ ] Editorial AI policy (assisted vs generated)
- [ ] Article 50 badges on flagged content
- [ ] Local audit log exported
- [ ] Writer training (5 min per person)

## Phase 5 — DAC7 marketplace

- [ ] If third-party sellers: 22 data points collected
- [ ] Annual aggregation tested
- [ ] XML export before tax deadline

## Phase 6 — Sign-off

- [ ] Front + back tests on 3 critical flows
- [ ] Checklist signed by client / management
- [ ] JSON exports archived (Factur-X, AI Act, DAC7)
- [ ] Next review date: _______________

**Reminder:** one extension per compliance role — avoid three GDPR plugins fighting each other.
