=== ConsentPilot ===
Contributors: helenegr1989
Tags: gdpr, cookie consent, consent, privacy, cookie banner
Requires at least: 6.3
Tested up to: 7.0
Requires PHP: 7.4
Stable tag: 0.1.4
License: GPLv2 or later
License URI: https://www.gnu.org/licenses/gpl-2.0.html

GDPR consent management for WordPress: cookie banner, blocking of tracking scripts and iframes before consent, and a consent log with CSV export. Built and maintained by Helene Grønberg at [helene.cloud](https://helene.cloud).

== Description ==

ConsentPilot is a GDPR consent management plugin for WordPress. Known tracking
scripts and embedded iframes (YouTube, Vimeo, maps) stay blocked in the page
until the visitor agrees to the relevant category, and every consent is
logged in the database as documentation, as required by GDPR art. 7.1.

ConsentPilot is configurable out of the box: choose between three banner
layouts, position, colors and banner text; describe your cookie categories;
add custom blocking patterns for tracking scripts not covered by the built-in
list; and export the consent log as CSV for compliance documentation.

= Features =

* Consent banner in three layouts: box, bar or popup
* "Accept all", "Decline all" and per-category choice
* Blocks known tracking scripts before consent, Google Analytics, Google
  Tag Manager, Meta Pixel, Hotjar, LinkedIn and more
* Also blocks tracking scripts hosted on your own domain
* Iframe blocking for YouTube, Vimeo, Google Maps and Spotify
* Custom blocking patterns, block anything you add yourself
* Custom cookie categories with descriptions
* Consent log in the database with hashed, anonymized IP
* CSV export of the consent log for documentation
* Policy versioning, request fresh consent when your privacy policy changes
* Google Consent Mode v2 integration for Ads/Analytics in the EEA
* Geo-targeting, only show the banner in selected regions (with Cloudflare
  or a custom GeoIP integration)
* Keyboard accessible, light/dark theme aware
* No frontend dependencies, the banner is lightweight and fast
* Fully translatable

= Support and documentation =

Full documentation, screenshots and a contact form are available on the
plugin homepage at [helene.cloud/consentpilot.html](https://helene.cloud/consentpilot.html).
Bug reports and feature requests can also be sent through the contact form
on [helene.cloud](https://helene.cloud).

== Installation ==

1. Upload the `consentpilot` folder to `/wp-content/plugins/`, or install via
   "Plugins → Add New → Upload Plugin".
2. Activate the plugin under "Plugins" in wp-admin.
3. Go to "ConsentPilot → Settings" to customize the banner.
4. Describe your cookie categories under "ConsentPilot → Cookies".

Requirements: WordPress 6.3+, PHP 7.4+.

== Frequently Asked Questions ==

= Does the plugin store IP addresses? =

No. The consent log only stores a non-reversible SHA-256 hash of an
(optionally anonymized) IP address, never the address itself.

= Is any data sent to a third party? =

No. All data stays in your own WordPress database. ConsentPilot does not
contact any external service.

= Does it actually block Google Analytics before consent? =

Yes. Tracking scripts are neutralized in the page and only activated in the
browser once the visitor accepts the relevant category.

= Does it work with page caching? =

Yes. The blocking uses official WordPress filters and works regardless of
full-page caching.

= What if a tracking script isn't being blocked? =

Add the domain or script handle under "Custom patterns" in the settings,
using the format `pattern|category`.

= Is the consent log kept after uninstalling? =

Yes, by default, consent records are legal documentation. You can opt to
delete everything on uninstall from the settings.

== Screenshots ==

1. The consent banner as visitors see it.
2. Per-category choice when the visitor clicks "Customize".
3. The dashboard in wp-admin with status and statistics.
4. Settings, banner, script blocking and privacy.
5. The consent log with CSV export.

== Changelog ==

= 0.1.4 =
* The floating "reopen consent" button now uses an inline SVG
  cookie icon and a small "Cookies" label, so visitors can see
  what the button does at a glance. Previously it relied on a
  cookie emoji that did not render reliably on all platforms.
* The reopen button has a tooltip and a soft shadow for better
  affordance. On screens narrower than 480px the label collapses
  and only the icon is shown.

= 0.1.3 =
* Added an "Upgrade to Pro" box to the plugin dashboard so users
  can discover the optional Pro tier with the privacy-policy
  generator, cookie scanner, audit-report PDF and other features.
  The box is hidden automatically when Pro is licensed.
* No changes to core functionality.

= 0.1.2 =
* Added discreet "Powered by ConsentPilot" link in the banner, with a
  filter so Pro users can hide it (`consentpilot_frontend_config`).
* Added support for an optional custom logo above the banner text.
* No breaking changes, existing installations keep all behavior.

= 0.1.1 =
* Removed the output-buffer-based script blocker. All blocking now uses
  WordPress filters (script_loader_tag, wp_inline_script_attributes,
  the_content), which are predictable and do not interact with the global
  output-buffer stack.
* Removed all license gates from Google Consent Mode v2 and geo-targeting
  settings. Both features are fully functional in this release.

= 0.1.0 =
* Initial release.
* Consent banner with three layouts and per-category choice.
* Blocking of tracking scripts and iframes before consent.
* Consent log with hashed IP and CSV export.
* Custom blocking patterns and policy versioning.

== Upgrade Notice ==

= 0.1.1 =
Fixes the issues raised in the WordPress.org plugin review: removed
output-buffer pattern and removed paywall checks on Consent Mode v2 and
geo-targeting.

= 0.1.0 =
First release of ConsentPilot.
