One platform. 14 privacy regulations. Zero plugins to install.
GDPR. CCPA. CPRA. VCDPA. CPA. CTDPA. TDPSA. OCDPA. MCDPA. PIPEDA. LGPD. POPIA. DPDPA. PDPA. APPI. Yovale handles every one of them through a single signed MU-plugin — geo-aware, no per-region config, no plugin updates to chase.
Browse by jurisdiction
Click any regulation to read its dedicated page — what it requires, how Yovale handles it, and the dashboard view your team sees.
European Union, UK & EEA
One regulation covers the entire EU bloc, plus the UK, Switzerland, Norway, Iceland, and Liechtenstein. Yovale's geo-detection routes every visitor from these jurisdictions through GDPR-compliant opt-in consent.
United States
California's CCPA started it. Six more state laws followed — each with their own quirks (CPRA, opt-out signals, sensitive-data opt-in). Yovale ships UOOM/GPC honoring at the Cloudflare edge worker for every supported state.
Effective Jan 1, 2020 · Opt-out + Do Not Sell or Share for California residents.
Read the pageEffective Jan 1, 2023 · Opt-out with opt-in for sensitive data.
Read the pageEffective July 1, 2023 · UOOM honoring required since July 2024.
Read the pageEffective July 1, 2023 · UOOM honoring required since Jan 2025.
Read the pageEffective July 1, 2024 · Broadest threshold of any US state law.
Read the pageEffective July 1, 2024 · Covers non-profits too (from July 2025).
Read the pageEffective Oct 1, 2024 · Lowest threshold (50k Montana residents).
Read the pageCanada & Latin America
PIPEDA's 10 Fair Information Principles for Canada. Brazil's LGPD with ANPD-aligned consent. Each routes through the same MU-plugin with locale-specific banner copy.
Asia-Pacific
India's DPDPA introduced Data Fiduciary duties + consent managers. Japan's APPI requires purpose specification + sensitive-data opt-in. Thailand's PDPA reaches extraterritorially.
Africa
South Africa's POPIA — 8 conditions for lawful processing plus mandatory Information Officer. Routed through Yovale's compliance layer like every other supported region.
A plugin per regulation breaks every WordPress site.
Installing one plugin per regulation means 14 plugins, 14 update cycles, 14 sets of database writes, 14 caches to invalidate. Each adds 200-500ms to every page. Each breaks differently when you change theme. Yovale ships one signed MU-plugin that handles all 14 at the edge worker layer — same compliance, zero footprint.
14 plugins, one per regulation
- 14 separate vendors, 14 update cadences, 14 attack surfaces
- Each writes consent records to wp_options — slow, breaks with object cache
- 200-500ms added to every page load (banner JS, cookie scan, DB writes)
- $49-119/year per site per plugin — easily $500+/year for full coverage
- Plugin conflicts with WP Rocket, your cache layer, theme — every time
Yovale's built-in approach
- One signed MU-plugin, 14 regulations, geo-routed at the edge
- Consent state at Cloudflare edge worker layer — 0ms latency to render
- Audit log in a dedicated database, queryable, retained 6 years
- Included on every plan from $149/yr — no per-regulation upcharge
- Loads before any other plugin · can't be deactivated · can't conflict
One platform. Every regulation. No plugin to install.
Every Yovale site is compliant from minute one — whichever regulation matches the visitor's location is auto-applied. Geo-aware, edge-cached, no DB writes, no performance hit. Start the free Growth trial and see the Compliance tab in your dashboard.