README

Legal Pages Lite

The standard legal pages, done right. Dutch / English / German legal page templates with configurable merge fields for company details — accessible, SEO-ready, per-sales-channel. Drop in, fill in the admin fields, ship.

License: MIT · Shopware: 6.7.x · PHP: 8.1 / 8.2

🇬🇧 English · 🇳🇱 Nederlands · 🇩🇪 Deutsch

📖 More context: Why we built this · How it compares

⚠️ IMPORTANT — this plugin provides TEMPLATE legal text. Have a legal professional (Dutch / German / EU consumer law) review your configured text before it's exposed to real customers. Templates are a starting point, not a guarantee.

▲ Legal Pages Pro turns this into a compliance toolkit — maintained jurisdiction-aware templates, a cookie-policy generator, an accessibility-statement generator and version history. Pro requires this plugin, so there is nothing to migrate. See Part of a Lite/Pro family below.

Screenshots

Privacy page on desktop — branded title, locale-aware 'Last updated' date below the heading, sectioned body content with merge-field-resolved company details.

_{Privacy page with v1.2.0 "Last updated" timestamp}

Privacy page on mobile — fully responsive, last-updated line wraps below the heading, body sections stack cleanly.

_{Privacy page — mobile (responsive)}

What it does

Every Shopware store needs imprint, privacy, shipping, returns, and a disclaimer. Most shops either (a) copy-paste text from another site (legal risk) or (b) leave them as Lorem Ipsum until launch day (worse legal risk). This plugin ships sensible nl/en/de defaults based on Dutch EU-compliant consumer-law templates, with your company details merged in from the admin at render time.

Five pages, routable out of the box
Merge-field pattern — admin fills in company details once; every page picks them up
Three locales — nl-NL, en-GB, de-DE
Per-page toggle — disable pages you don't need (e.g. if you already have a custom privacy page elsewhere)
Per-page "Last updated" timestamp (v1.2+) — five new optional datetime config fields let you record when each page was last reviewed. Renders below the page heading as a localised line (Last updated 9 May 2026 / Laatst bijgewerkt op 9 mei 2026 / Zuletzt aktualisiert am 9. Mai 2026) using Twig's format_date('long'). Wrapped in <time datetime="YYYY-MM-DD"> for machine readers and Schema.org. Empty config hides the line

Part of a Lite/Pro family

Legal Pages Lite is the free, standalone Lite tier — a complete, genuinely useful plugin in its own right. It has no upsell gating and never expires.

Legal Pages Pro (sold separately, currently in development) builds on top of Lite and turns it into a compliance toolkit:

a maintained, jurisdiction-aware legal-template library
a cookie-policy generator
an accessibility-statement generator
an Impressum completeness validator
version history for your legal pages

Pro requires this plugin via composer — buy Pro and Lite is pulled in automatically; there is nothing to migrate. If Lite already covers what you need, you never have to think about Pro.

Install

composer require tenbruggencate/legal-pages-lite
bin/console plugin:refresh
bin/console plugin:install --activate TenBruggencateLegalPages
bin/console cache:clear

Pages

Route	Path	Content
`legal.voorwaarden`	`/legal/voorwaarden`	Algemene Voorwaarden (Terms & Conditions)
`legal.privacy`	`/legal/privacy`	Privacyverklaring (Privacy Policy)
`legal.verzending`	`/legal/verzending`	Verzendinformatie (Shipping Info)
`legal.retour`	`/legal/retour`	Retourbeleid (Return Policy)
`legal.disclaimer`	`/legal/disclaimer`	Disclaimer

Configuration

Configurable per sales channel from Extensions → Legal Pages.

Field	Purpose
`companyName`	Company name (e.g. "Mijn Webshop B.V.")
`companyAddress`	Full postal address
`companyEmail`	Contact email
`companyPhone`	Phone number
`kvkNumber`	Chamber of Commerce number (KvK)
`btwNumber`	VAT / BTW number
`returnDays`	Return period in days (EU minimum: 14)
`shippingCost`	Standard shipping cost
`freeShippingThreshold`	Free shipping above this amount
`enableVoorwaarden` / `enablePrivacy` / `enableVerzending` / `enableRetour` / `enableDisclaimer`	Per-page kill switches

Merge fields

The following placeholders are replaced with your configured values at render time:

{companyName}, {companyAddress}, {companyEmail}, {companyPhone}, {kvkNumber}, {btwNumber}, {returnDays}, {shippingCost}, {freeShippingThreshold}

To override any page's template, copy src/Resources/views/storefront/page/legal/<slug>.html.twig into your theme and edit. The merge-field resolver runs against whatever HTML/Twig you ship.

Standards

Performance — static template rendering; no DB queries at request time. Merge-field substitution is a single strtr() call.
SEO — every legal page ships with appropriate <meta name="robots"> defaults: indexable (search engines should see your terms & privacy), proper <title> and <meta description> derived from the page content, stable URLs.
GDPR — the privacy page template explicitly documents what you collect, why, and how long you keep it. Adapt the template to match your actual processing; don't leave the defaults unread. The plugin itself stores no visitor data — full data-flow documentation in GDPR.md.
WCAG 2.2 AA — semantic heading hierarchy (h1 / h2 / h3), proper lists for enumerated terms, keyboard-accessible <a> tags, no colour-only information. Live axe-core audit output + desktop + mobile screenshots: docs/ACCESSIBILITY.md.
Security — merge-field substitution is done on server-side; no user input reaches the templates. All admin-supplied values are escaped via Twig.
Uninstall — plugin:uninstall --keep-user-data preserves every TenBruggencateLegalPages.config.* row (company name, VAT, KvK, per-page toggles); without the flag the destructive path clears them all. No owned tables.

Production-readiness checklist

A deliberately short list of things to verify before enabling the plugin on a customer-facing storefront. Not legal cover — the MIT license already disclaims warranty AND the templates ship with a "have a lawyer review before going live" disclaimer in their getting-started copy — but practical guidance an experienced operator would want anyway.

[ ] Have a legal professional review the rendered text for your jurisdiction. The defaults are based on Dutch / EU consumer-law templates; UK shops post-Brexit, Swiss shops, and shops outside the EEA need adjustments. The plugin's intro banner in admin already says "TEMPLATES, not legal advice" — heed it.
[ ] Fill every merge field that appears on a page you've enabled. An empty kvkNumber renders the literal string KvK: followed by nothing — visibly broken. The configuration UI flags blanks but doesn't block save.
[ ] *Set per-page `lastUpdated` dates (v1.2+) the moment you ship the reviewed text** — visible "last reviewed" dates are a soft trust signal for visitors and a hard one for consumer-protection authorities. Date-pickers in the admin take seconds.
[ ] Decide which pages you actually want. The five toggles (enableVoorwaarden, enablePrivacy, etc.) default to on; turn off any you have a custom version of elsewhere (e.g. an existing privacy CMS page) so the plugin's route returns 404 instead of competing.
[ ] Test on staging that the routes resolve. The plugin's routes are at /legal/voorwaarden, /legal/privacy, etc. — make sure your theme's footer links point at them (or your custom URLs, if you remap).

Compatibility

Core platform

Shopware	PHP	Status
6.7.x — tested against 6.7.8, 6.7.9	8.1, 8.2	Stable
6.6.x	—	Not supported
6.5.x and earlier	—	Not supported

Database

Engine	Version	Notes
MySQL	8.0+	Primary target; JSON functions used for config-row manipulation in migrations
MariaDB	10.11+	Tested end-to-end; earlier versions lack some JSON operator support

Browsers (storefront)

Evergreen browsers only — the two most recent stable releases of each:

Browser	Desktop	Mobile
Chrome / Chromium	✅	✅
Firefox	✅	✅
Safari	✅ (macOS)	✅ (iOS 16+)
Edge	✅	—

Internet Explorer and legacy Edge are not supported. The plugin emits no runtime JS (where applicable) so graceful degradation on older browsers usually still renders content, just without progressive enhancements.

Admin browsers

Same evergreen matrix — the Shopware admin is Vue-based and has its own compatibility baseline that this plugin doesn't extend or narrow.

Development

Tool	Version	Scope
PHP	≥ 8.1	Runtime + test suite
Composer	2.x	Dependency management
Node.js	≥ 18	Only needed if you edit SCSS and re-run the theme compile
Python	≥ 3.9	Only needed for the repo's asset-pipeline scripts (`scripts/*.py`)

Accessibility

WCAG 2.2 level A + AA — see docs/ACCESSIBILITY.md for axe-core audit output and per-page violations.

What we test before each release

Full PHPUnit unit suite against PHP 8.1 + 8.2 (source-inspection tests don't need a kernel)
PHPStan level 8 + PHP-CS-Fixer (@PSR12 + @Symfony)
Composer validate on every plugin
Live-DB smoke tests (plugin install → activate → route render → uninstall cycle)
axe-core audit on the primary storefront surfaces (see ACCESSIBILITY.md)

Related plugins

TenBruggencateMultiBrand — per-brand configuration: each sales channel carries its own companyName / kvkNumber / etc., so a multi-brand store renders each brand's legal pages with its own entity details
TenBruggencateMaintenance — legal footer links render in the maintenance footer so visitors can still reach imprint / privacy during downtime
TenBruggencateNewsletterLite — /legal/privacy is the natural target for the privacyPageUrl config in NewsletterLite

Support

Email: guy@tenbruggencatedevelopment.nl
Docs & news: tenbruggencatedevelopment.nl
Source / issues: Bitbucket repo
Security vulnerabilities: see SECURITY.md — email first, no public issues, 72-hour acknowledgement SLA

License

Legal template text in snippets is provided under MIT for reuse, but template text alone does not constitute legal advice. You are responsible for adapting it to your business and jurisdiction.

tenbruggencate / legal-pages-lite

Maintainers

Package info

Statistics

Security