New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add optional Privacy Pack with cookie consent message #507
Comments
I agree, it's important for EU sites to be compliant with GDPR. However, I don't believe any cookies are currently set by default - only if the administrator decides to enable certain third party integrations. For those who decide to enable cookie based integrations, there are probably ways to meet the requirements of GDPR without introducing more code and dependencies in Academic (possibly by placing a notice in a custom widget or footer and creating a Privacy page etc.). |
That would be an interesting and convenient solution, yet one would like a message that informs the user about the cookies just when they first connect to the site, but that is hidden in all subsequent connections from the same user. This is how most of these notices work. Is this possible using custom widgets or footers? If yes, please let me know how you'd do that, that would be a more elegant solution to the problem. I was thinking about using the Hero widget for this, but honestly I have no idea how to hide it after the user accepts the use of cookies (and hide it for further visits from the same user). |
actually to meet the requirements you need to approval of the visitor which is made by a click for the policy you could use this generic generator but personally the most friendly I found is this one : https://cookiesandyou.com/ |
just to mention |
Well I have already invested a lot of time creating my website with the hugo-academic theme, and I've been using it for a lot of time. So I don't really like the idea of changing themes... But thanks anyway for the recommendation, for the moment I think I will add https://cookiesandyou.com/ to my current site. |
@gcushen I found that even disabling third party integrations like disqus, MathJax and Google Analytics, there is always a cookie from cloudflare.com (__cfduid) which appears when you connect from a public network. The only way to disable this would be by disabling all icons from font awesome and academicons, which is something that would really hurt the theme. I really think we should seek a solution to this problem, not addressing this issue technically makes the theme "illegal" in the EU. Which is sad considering this is one of the best hugo themes. |
@pjox Academic does not set any cookies by default unless you enable third party integrations. It's easy to make a website compliant by using a wizard such as this one and pasting the code into Academic's |
@gcushen Thank you for the answer, I was not aware of the About the cloudflare thing, I'm sorry, but they do set one cookie, and it is mandatory, you can read about it in their documentation here. Even the address |
@pjox according to CDNJS (cdnjs/cdnjs#8868), and in my experience, they don't set any cookies when a browser attempts to retrieve CDNJS assets from an Academic powered website. Hence, Academic is cookie-free by default. Perhaps, you are directly or indirectly using other Cloudflare services on your site or host. Although the steps for adding a cookie consent notice in my comment above should be very simple for an admin to follow, I'll consider more seamlessly integrating an option for this kind of feature into Academic. |
To be GDPR compliant, in addition to alerting the user about cookies, when enabling Google Analytics I believe that an additional option should be set in ga('set', 'anonymizeIp', true); I guess it is beneficial to have this option set by default when enabling GA. The GDPR additionally mentions that the user should have the freedom to deny usage of specific cookies, something I wholeheartedly agree with. But it seems to me that it's outside the scope of simple tools such as the one provided by Insights and I see no easy way of implementing something like this. |
- To enable, set `privacy_pack = true` in `config.toml` - Show a cookie consent message to visitors - Anonymize IP in Google Analytics (if enabled) See #507
An enhanced data privacy option has now been added. To enable, update Academic and set
This is partly dependent on Insights adding that functionality - see https://github.com/insites/cookieconsent/issues/242 . Otherwise, there are non-free granular cookie compliance services (e.g. OneTrust) that admins can integrate with Academic. |
@pjox sorry if I was'nt clear, but I was mentioning bootstrap4-blog theme as an inspiration and a way to add cookieandyou in academic. As a non developper I always prefer working with an example than from scratch ;) |
I was wondering if there should be an addition of a banner regarding the cookies which is compliant with the GDPR which will be enforced starting March 25 2018. Most of the sites using the academic theme have cookies thanks to the Discourse comments, the Google analytics or the Mathjax engine.
Right now I'm using the following github project to address this issue: Insites, but it would be nice to have a native hugo-academic solution which changes according to the theme and the language.
The text was updated successfully, but these errors were encountered: