Quick Start
aGo Legal adds cookie consent, privacy compliance and data rights management to your WordPress site. It supports GDPR (Europe), Chile Data Protection Law 21.719 and LGPD (Brazil) out of the box.
Installation
- Upload
ago-legal.zip from Plugins → Add New → Upload Plugin - Activate the plugin
- Go to aGo Tools → Legal
Auto-Created Pages
Upon activation, the plugin automatically creates 4 pages on your WordPress site:
| Page | Shortcode | Purpose |
|---|
| Privacy Policy | [ago-privacy-policy] | Auto-generated privacy policy based on your company info |
| Cookie Policy | [ago-cookie-policy] | Cookie policy with detailed cookie table |
| Terms and Conditions | [ago-terms] | Terms of service (Premium) |
| My Data | [ago-my-data] | User data panel for cookie preferences and rights (Premium) |
Tip: Pages are created as drafts. Review and publish them when ready. You can move the shortcodes to any existing page if you prefer.
Quick Setup (5 minutes)
- Fill in your company info — Name, address, email, country
- Choose a compliance mode — Global is recommended for most sites
- Enable the cookie banner — Check "Show cookie banner"
- Customize colors — Match the banner to your brand
- Save and publish the auto-created pages
Cookie Banner
The cookie banner is a configurable consent bar that appears to visitors who have not yet accepted or rejected cookies. It blocks non-essential cookies until the user gives explicit consent.
Settings
| Setting | Description |
|---|
Enable Banner | Show/hide the cookie consent banner on your site |
Position | Bottom bar, Top bar, Popup bottom-left or Popup bottom-right |
Style | Minimal (single row), Detailed (with category toggles) or Overlay (full-screen modal) |
Primary Color | Color for the "Accept" button and toggle switches |
Background Color | Banner background color |
Text Color | Banner text color |
Banner Text | Main message displayed to visitors |
Link to Cookie Policy | Automatically links to the Cookie Policy page |
Cookie Categories
The banner organizes cookies into four standard categories. Visitors can accept or reject each category individually:
| Category | Always Active? | Examples |
|---|
| Essential | Yes (cannot be disabled) | Session cookies, CSRF tokens, consent state |
| Analytics | No | Google Analytics, Matomo, Hotjar |
| Marketing | No | Facebook Pixel, Google Ads, retargeting pixels |
| Functional | No | Chat widgets, embedded videos, maps, language preferences |
How blocking works: Non-essential scripts are blocked until the user explicitly accepts the corresponding category. The plugin intercepts script tags and replaces them with placeholder scripts that only load after consent is granted.
Compliance Mode
aGo Legal supports multiple privacy regulations. Choose the mode that matches your audience:
Available Modes
| Mode | Laws Covered | Best For |
|---|
| Global (recommended) | GDPR + Chile 21.719 + LGPD | Sites with international visitors or uncertain audience |
| GDPR Only | EU General Data Protection Regulation | Sites targeting only European visitors |
| Chile Only | Chilean Law 21.719 (Data Protection) | Sites targeting only Chilean visitors |
| LGPD Only | Brazil's Lei Geral de Protecao de Dados | Sites targeting only Brazilian visitors |
Why Global is better: It applies the strictest requirements from all three laws, so you comply everywhere by default. There is no performance penalty — it simply ensures that banner text, legal language and consent mechanisms satisfy all regulations simultaneously.
What Each Law Requires
- GDPR: Prior explicit consent before non-essential cookies, right to withdraw, data access/deletion rights, DPO contact, cookie-by-cookie disclosure
- Chile 21.719: Informed consent, ARCO+ rights (access, rectification, cancellation, opposition, portability), data breach notification
- LGPD: Legal basis for processing, data subject rights, DPO designation, consent management, international transfer rules
Privacy Policy
The plugin auto-generates a privacy policy page based on your company information. It covers all required sections for compliance with GDPR, Chilean law and LGPD.
How It Works
- Fill in your company details at aGo Tools → Legal → Company Info
- The privacy policy is dynamically generated using the shortcode
[ago-privacy-policy] - When you update your company info, the policy updates automatically
Sections Included
- Data controller identification (name, address, contact)
- Types of personal data collected
- Processing purposes and legal basis
- Data retention periods
- Third-party sharing and international transfers
- User rights (access, rectification, deletion, portability)
- Cookie usage summary (link to cookie policy)
- Contact information for privacy inquiries
Cookie Policy
The cookie policy provides a detailed breakdown of all cookies used on your site, organized by category. It is dynamically generated and always reflects your current cookie configuration.
Cookie Table
The policy includes an auto-generated table for each cookie category showing:
- Cookie name — Technical identifier
- Provider — Who sets the cookie (your site or a third party)
- Purpose — What the cookie does
- Duration — How long it persists (session, 1 year, etc.)
- Type — First-party or third-party
Auto-detection: The plugin detects common cookies from popular services (Google Analytics, Facebook Pixel, etc.) and pre-fills the table. You can add custom cookies in the settings.
Terms and Conditions Premium
Auto-generates a Terms and Conditions page based on your company info and site type (informational, e-commerce, SaaS, etc.).
Sections Included
- Acceptance of terms
- Service description
- User obligations and prohibited conduct
- Intellectual property
- Limitation of liability
- Governing law and jurisdiction
- Modifications and updates
- Contact information
Tip: Select your site type (informational, e-commerce, SaaS) in the settings to get terms tailored to your business model.
ARCO+ Rights Premium
ARCO+ stands for Access, Rectification, Cancellation (Deletion), Opposition and Portability — the fundamental data subject rights under Chilean Law 21.719 and GDPR.
User Form
The plugin provides a frontend form where any visitor or registered user can submit a data rights request. The form includes:
- Request type — Access, Rectification, Deletion, Opposition or Portability
- Name and email for identity verification
- Description of the request
- Confirmation and submission
Admin Panel
All submitted requests appear in aGo Tools → Legal → ARCO+ Requests. From there, administrators can:
- View request details and requester information
- Change status: Pending → In Progress → Completed → Rejected
- Add internal notes
- Export request data for compliance audits
- Track response times (regulations require responses within specific deadlines)
Important: GDPR requires responses within 30 days. Chilean Law 21.719 requires responses within 15 business days. The admin panel shows a deadline countdown for each request.
User Data Panel Premium
The User Data Panel gives visitors and registered users a self-service page to manage their privacy preferences and exercise their data rights.
What Users Can Do
- Cookie Preferences — Review and change cookie consent choices at any time
- Data Summary — See what personal data the site holds (for logged-in users)
- Export My Data — Download a copy of their personal data in JSON or CSV format
- Submit Rights Request — Embedded ARCO+ form for access, rectification, deletion, opposition or portability
- Withdraw Consent — Revoke previously granted consent for data processing
For non-logged-in visitors: The panel shows cookie preferences and the ARCO+ form. Data summary and export are only available for registered users who are logged in.
Audit and Compliance Premium
The audit module provides tools to demonstrate compliance during regulatory audits or internal reviews.
Consent Log
Every consent action is logged with:
- Timestamp of the action
- Consent type (cookie categories accepted/rejected)
- Anonymized IP address
- User agent (browser info)
- Consent version (tracks policy changes)
Export Options
| Export | Format | Description |
|---|
| Consent Log | CSV | Full log of all consent actions, filterable by date range |
| User Data Export | JSON / CSV | All personal data stored for a specific user |
| ARCO+ Requests | CSV | Log of all data rights requests and their status |
Right to Be Forgotten
When a deletion request is approved, the plugin can automatically:
- Delete the user's WordPress account and associated data
- Anonymize comments (replace name/email with "Anonymous")
- Clean up consent logs for that user
- Send a confirmation email to the requester
Important: Right to Be Forgotten actions are irreversible. The plugin requires administrator confirmation before executing any deletion.
Free vs Premium
| Feature | Free | Premium |
|---|
| Cookie consent banner | Yes | Yes |
| Cookie categories (4 types) | Yes | Yes |
| Banner position and colors | Yes | Yes |
| Compliance mode (Global/GDPR/Chile/LGPD) | Yes | Yes |
| Privacy Policy page | Yes | Yes |
| Cookie Policy page with table | Yes | Yes |
| Script blocking until consent | Yes | Yes |
| Terms and Conditions page | No | Yes |
| ARCO+ form and panel | No | Yes |
User Data Panel ([ago-my-data]) | No | Yes |
| Consent logging and audit trail | No | Yes |
| CSV / JSON export | No | Yes |
| Right to Be Forgotten automation | No | Yes |
| User data export | No | Yes |
| Response deadline tracking | No | Yes |
| "Powered by aGo Legal" | Visible | Visible |
Personal Plan
$9.90 USD — one-time payment
Lifetime license. No subscriptions. 1 website.
Buy Personal Agency Plan
$29.90 USD — one-time payment
Lifetime license. No subscriptions. Up to 5 websites. Best value.
Buy Agency License Activation
How to Activate
- Purchase a license at store.ago.cl
- You will receive a license key via email (format:
AGOLEGAL-XXXX-XXXX-XXXX) - In WordPress, go to aGo Tools → Legal
- Paste the key in the License Key field
- Click Activate
- You will see: License active with your activation count
How to Deactivate
Click Deactivate next to the license key field. This frees up an activation slot so you can use it on another site.
Move to Another Site
- Deactivate on the previous site
- Install the plugin on the new site
- Activate with the same key
Important: The Personal plan supports 1 site activation. The Agency plan supports up to 5 simultaneous activations. If you reach the limit, deactivate a site before activating another.
Frequently Asked Questions
Do I need the premium version for basic cookie compliance?
No. The free version includes a full cookie banner with categories, script blocking, privacy policy and cookie policy pages. This is sufficient for basic GDPR and cookie compliance.
Which compliance mode should I choose?
Choose Global unless you are absolutely certain your visitors come from a single region. Global mode applies the strictest rules from all supported regulations, ensuring compliance everywhere with no downsides.
Does the plugin block scripts automatically?
Yes. Non-essential scripts (analytics, marketing, functional) are blocked until the visitor explicitly accepts the corresponding cookie category. Essential cookies are always allowed.
Can I customize the generated legal pages?
The shortcodes generate dynamic content based on your configuration. You can add custom text above or below the shortcodes on the same page. For full customization, you can remove the shortcode and write your own content.
What are ARCO+ rights?
ARCO+ stands for Access, Rectification, Cancellation, Opposition and Portability. These are the data rights granted to individuals under Chilean Law 21.719 and similar provisions in GDPR. The premium version provides a form and admin panel to manage these requests.
How does the "Right to Be Forgotten" work?
When a user submits a deletion request through the ARCO+ form and an admin approves it, the plugin can automatically delete the user's account, anonymize their comments and clean up their consent logs. This requires explicit admin confirmation before execution.
Does the plugin work with caching plugins?
Yes. The cookie banner loads via JavaScript and works independently of server-side caching. Make sure your caching plugin does not cache the consent cookie or banner state.
Is the consent log GDPR-compliant?
Yes. IP addresses are anonymized in the consent log. The log records the minimum data needed to demonstrate compliance: timestamp, consent choices and consent version identifier.
Can I use this on a multilingual site?
The plugin supports translation via standard WordPress .po/.mo files. Banner text and legal page content can be customized per language when using WPML or Polylang.
Need help?
Contact us at ago.cl/contacto or write to [email protected].
