Contact Form 7

Contact Form 7

Contact Form 7 is a WordPress plugin that renders and processes contact forms on WordPress pages via AJAX. Scripts handle field validation, spam filtering through optional reCAPTCHA, and form submission. Only data entered by the user is collected and transmitted to the site administrator.

Back to Vendor Library

Overview

Contact Form 7 is one of the most widely installed WordPress plugins, providing simple, customizable contact forms. Its scripts run entirely within the WordPress installation — form rendering, validation, and submission processing happen on the site's own domain with no third-party data transmission. Contact Form 7 optionally integrates with reCAPTCHA for spam prevention.

What This Script Does

Contact Form 7's scripts are served from the WordPress installation:

  • Form rendering: Renders HTML forms with configured fields (name, email, subject, message, file upload, etc.) using WordPress's built-in templating.
  • Client-side validation: JavaScript validates required fields, email format, and file upload restrictions before submission.
  • AJAX submission: Forms submit via AJAX to the WordPress backend, providing a seamless experience without full page reloads. Confirmation or error messages display inline.
  • Email delivery: Submitted form data is sent to the configured email address(es) using WordPress's mail function or an SMTP plugin. No data is stored in the database by default.
  • Optional reCAPTCHA: If spam protection is enabled, loads Google reCAPTCHA scripts (which have their own privacy implications and consent requirements).
  • No third-party scripts: By default, Contact Form 7 loads no external JavaScript. All scripts are served from the site's own domain.
  • No cookies: Contact Form 7 does not set cookies.

Consent & Compliance

Contact Form 7 falls under the functional/essential consent category. Contact forms serve a communication function that the visitor initiates.

Under GDPR and ePrivacy, Contact Form 7's scripts set no cookies and make no third-party requests (unless reCAPTCHA is enabled). The personal data submitted through forms requires a lawful basis under GDPR Article 6. Since data stays on the site operator's server, no third-party data sharing occurs by default.

Under CCPA/CPRA, form data is collected directly from the consumer for the requested communication purpose with no third-party involvement.

Should You Block This Without Consent?

No. Contact Form 7 runs entirely on the site's own domain with no cookies, no external scripts, and no third-party data sharing. Blocking it would prevent visitors from contacting the site operator. If reCAPTCHA is enabled, assess its consent requirements separately.

Visit website

Consent Categories

Functional
Essential

Also Known As

contact form 7cf7wordpress contact formcontact form 7 consentcf7 plugin

Industries

Computers Electronics and TechnologyProgramming and Developer SoftwareBusiness and Consumer ServicesScience and Education

Tracked Domains (1)

contactform7.comFunctional

Frequently Asked Questions

Does Contact Form 7 need visitor consent?

Generally no. Contact Form 7 is functional and essential — it processes forms entirely within WordPress with no third-party data transmission or tracking cookies. It only collects data visitors voluntarily submit. If reCAPTCHA is enabled, that separate component may need its own consent.

What information does Contact Form 7 collect from visitors?

Contact Form 7 only collects data visitors enter into form fields — name, email, subject, message. It processes submissions via AJAX on the WordPress backend and delivers them to configured email addresses. No cookies are set, no behavioral data is tracked, and nothing is sent to external servers.

How does ConsentStack handle Contact Form 7?

ConsentStack identifies Contact Form 7 as essential and functional, allowing it to load without consent since it serves a core website function. If reCAPTCHA is also used with the plugin, ConsentStack manages that integration separately under its own consent category.

Related Vendors

Google Maps
Google Maps
Google Maps is the dominant web mapping service used for embedded maps and location features on websites. Scripts load interactive map tiles, geocoding, and Places API functionality through the Maps JavaScript API. May set cookies to remember map preferences and manage API quota.
Google Search
Google Search
Google Search appears on websites through the Programmable Search Engine, enabling custom site-specific search functionality. Scripts load the search widget from Google's servers to render search bars and display results within the host website. Sends search queries to Google's index and may set cookies for search personalization and query history.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Apple Maps JS
Apple Maps JS
Apple Maps JS is Apple's JavaScript mapping framework for embedding interactive maps on websites. Scripts load map tiles, location pins, and routing data from Apple's MapKit servers to render navigable maps within web pages. Requires a MapKit JS token for authentication but does not set tracking cookies or collect behavioral analytics data.
Apple Business Chat
Apple Business Chat
Apple Business Chat enables direct customer messaging between websites and Apple's Messages app. Scripts load chat buttons and conversation interfaces that connect visitors to business support agents through iMessage. Sets minimal session cookies to maintain conversation context but does not track browsing behavior or collect analytics data.

Manage consent for Contact Form 7

ConsentStack automatically detects and manages Contact Form 7 trackers so your site stays compliant with global privacy regulations.

Get started free