WooCommerce compliance

Every compliance rule a WooCommerce store has to meet

WooCommerce is self-hosted, so almost nothing is handled for you — you own the stack, the data, and therefore the compliance. That's more control and more responsibility than a hosted marketplace. Here's each rule that applies — what it asks of you, and a free 60-second checker for each. No signup, nothing stored.

The WooCommerce rules

In force

PrivacyProof

GDPR privacy & cookie consent

Collect data from EU/UK visitors? Check your privacy policy, cookie consent, and data-rights handling.

GDPR privacy & cookie consent on WooCommerce →

In force

CCPA Ready

US state privacy (CCPA/CPRA)

Sell to US consumers? California + new state laws require a privacy notice, opt-out, and a 'Do Not Sell' link.

US state privacy (CCPA/CPRA) on WooCommerce →

In force

RenewProof

US auto-renewal & cancellation laws

Run subscriptions? Check your signup & cancel flow against federal ROSCA + 30+ state auto-renewal laws.

US auto-renewal & cancellation laws on WooCommerce →

From Aug 2026

LabelProof

EU AI Act content labeling

Make AI images, video, or text? From Aug 2026 the EU AI Act requires it labelled.

EU AI Act content labeling on WooCommerce →

Since Jun 2025

AccessProof

EU Accessibility Act (WCAG)

Sell online to EU customers? Since June 2025 your site must be accessible (WCAG 2.1 AA).

EU Accessibility Act (WCAG) on WooCommerce →

In force

ADA Ready

ADA web accessibility (US)

US website? Check the basics that drive ADA accessibility lawsuits — and avoid overlay-only fixes.

ADA web accessibility (US) on WooCommerce →

In force

PayProof

PCI DSS payment security

Accept card payments? Check that card data never touches your server and your checkout is locked down.

PCI DSS payment security on WooCommerce →

In force

MailProof

CAN-SPAM email marketing

Send marketing emails? Check for a clear unsubscribe, your postal address, and honest headers.

CAN-SPAM email marketing on WooCommerce →

In force

TextProof

TCPA SMS / text marketing

Text your customers? Check for written consent, STOP opt-out, and sender ID before you send.

TCPA SMS / text marketing on WooCommerce →

Since Oct 2024

ReviewProof

FTC fake-reviews & endorsements

Use reviews, testimonials, influencers or affiliates? Penalties run to ~$53k per violation.

FTC fake-reviews & endorsements on WooCommerce →

In force

ContractProof

EU consumer rights (distance selling)

Sell online to EU consumers? You owe a 14-day right of withdrawal, pre-contract info, the model withdrawal form, and order confirmation on a durable medium.

EU consumer rights (distance selling) on WooCommerce →

Don't want to check them one by one?
Get one RuleGoose Score across every rule your WooCommerce store has to meet — free, in about a minute. Get your RuleGoose Score →