Implement GDPR EU cookie consent Opt-In/Opt-Out #2348
Comments
|
My view on adding this support into the theme hasn't changed since my comment in #1662. I don't think there is a non-opinionated way I could implement an opt in/out GDPR compliant consent that fit enough site owner's needs. As you pointed out above it gets complicated fast when you need to disable cookies and I'm not sure there's a way of me doing that with all possible permutations from the 3rd party scripts the site "could" be using (Google Analytics, Font Awesome, Disqus, etc.). RE: loading the GA script in RE: GA providers. It's up to the theme user to determine which analytics provider they are using and the pros and cons of each, I'm offering them as options and not endorsing any of them. I'm sure there are plenty of blog posts about each that can give you a primer on their differences. |
|
This issue has been automatically marked as stale because it has not had recent activity. If this is a bug and you can still reproduce this error on the If this is a feature request, please consider whether it can be accomplished in another way. If it cannot, please elaborate on why it is core to this project and why you feel more than 80% of users would find this beneficial. This issue will automatically be closed in 7 days if no further activity occurs. Thank you for all your contributions. |
To get compliant with GDPR I followed this helpful comment.
As cookie consent osano.com is mentioned in the comment. In the configuration step 5. a compliance type has to be selected. The simplest from is to just inform users about cookies being used and not do anything else. This option is simple to implement but unfortunately does not satisfy GDPR. Therefore one of the following options has to be selected which requires more work on the theme side.
The question is how to use the provided code to disable cookies, which by the way seems to be not up to date (?) according to this issue.
Here is the api documentation to get things implemented. I didn't read it enough yet. However, it seems to get GDPR compliant the theme has to use some option ((
if (this.hasConsented)orif (cookieconsent.status)?) every time before an "evil" script is executed. Depending on what the user selected the script is used or disabled. Is this the way this could be done?While I tried to get an overview of how this GDPR compliance stuff could be implemented, I got some other (minor) questions:
Is there a reason why the google analytics is placed in the footer and not the header of the theme? When copying the GA code snippet, there is an information that states to put the code in the header.
A similar implementation is mentioned for Adsense:
I got also confused by the different analytics provider options (google, google-universal, google-gtag).
From the MM docs - analytics section everything seems to be the same because the links are the same: https://www.google.com/analytics/
It would be helpful to document the differences between the three options.
Looking at the three scripts in the MM code base I found that google-gtag uses https://tagmanager.google.com/ but I didn't use it myself and I am not sure what the advantages of it are either.
Here is another issue #1662 I found regarding GDPR which got closed being marked as stale. This comment links to a tool (https://webbkoll.dataskydd.net/) to check cookies used.
I think the
anonymize_ipoption in_config.ymlis helpful to fulfill GDPR. Do you know how this affects tracking?The text was updated successfully, but these errors were encountered: