Search…

X3 Photo Gallery Support Forums

Search…
 
BigBobbyD
Experienced
Topic Author
Posts: 31
Joined: 04 Sep 2021, 04:41

DSVGO European requirements for cookies

23 Sep 2021, 02:04

Is there a way to have the cookie request to allow for "accept" and "decline, or reject".  This appears to be a legal requirement for those of us hosting our own websites in the European Union,

My X3 webpage Fails when tested

https://www.lda.bayern.de/tool/start.html#


Thanks 
Attachments
Bildschirmfoto 2021-09-23 um 08.08.14.png
Bildschirmfoto 2021-09-23 um 08.08.14.png (82.63 KiB) Viewed 1744 times
Bildschirmfoto 2021-09-23 um 07.59.49.png
Bildschirmfoto 2021-09-23 um 07.59.49.png (190.84 KiB) Viewed 1746 times
 
User avatar
mjau-mjau
X3 Wizard
Posts: 13993
Joined: 30 Sep 2006, 03:37

Re: DSVGO European requirements for cookies

23 Sep 2021, 05:43

May I ask, in what way does your website fail? And more importantly, what information are you storing about the visitor? Are you using Google Analytics? X3 does not use cookies, and neither does it store anything about the user. It doesn't matter where you host your website ... The law is about what information you store about the users browser/location/user.

I was talking to another client about this earlier, who wanted more dedicated choices foor cookie consent. There is a service in the link below, which includes a free plan for 5000 visitors per month (should cover most private websites):
https://www.osano.com/cookieconsent

It would need to be added into X3 as Settings > Custom > Custom Javascript, and then you would manage it externally from their settings. There is no native "plugin" for advanced cookie consent in X3, because it's gets painfully complicated depending on what settings you require.
 
BigBobbyD
Experienced
Topic Author
Posts: 31
Joined: 04 Sep 2021, 04:41

Re: DSVGO European requirements for cookies

23 Sep 2021, 05:51

Thanks for the response, 

I was researching how the DSVGO requires websites to comply with cookie settings, and it appears there is supposed to be a "reject" cookie option.
The only client that I use is yours and Google Fonts as CSS, which I cannot find a possible way to completely turn off.  For example, having only a CSS file located on my server for the "skin" used, and local fonts instead of google.  Even if I select none, for example, the script on the page still points to google, without referencing a font at all.

The European Union offers a test on websites to see if they comply and mine is listed as "failed" since there isn't a opt-out option from any cookies or third party links

Thanks
 
User avatar
mjau-mjau
X3 Wizard
Posts: 13993
Joined: 30 Sep 2006, 03:37

Re: DSVGO European requirements for cookies

23 Sep 2021, 06:31

I don't quite see what this has to do with Google fonts or CSS. In any case, if you require advanced cookie options, there a lots of external services/plugins that will work (I mentioned one in my previous post). I can help integrate them in X3, but there is no native plugin for this in X3.
The European Union offers a test on websites to see if they comply and mine is listed as "failed" since there isn't a opt-out option from any cookies or third party links
I wonder when third-party links became non-compliant, and as mentioned, X3 does not store cookies or anything about user (unless you use Google analytics for example). Of course, there are differences between "necessary" storage (for example storing menu structure, or selected "cart" options for the user) and storing private data about the user. One is necessary and one is not, and necessary storage for app functionality does not require consent (especially when you are not storing anything considered "personal"). But it's your decision of course.
 
BigBobbyD
Experienced
Topic Author
Posts: 31
Joined: 04 Sep 2021, 04:41

Re: DSVGO European requirements for cookies

23 Sep 2021, 06:48

Okay, perhaps I am misunderstanding what the DSVGO expects.  my server only stores log files, which indicates what country someone came from, not any IP addresses.  I was under the assumption that the fonts and link to the CSS files not stored on my website were an issue.  If they are not then I guess all is good. :grinning:
Image
 
User avatar
mjau-mjau
X3 Wizard
Posts: 13993
Joined: 30 Sep 2006, 03:37

Re: DSVGO European requirements for cookies

24 Sep 2021, 00:23

It's all debatable of course. I'm pretty sure you are not infringing anything if you only store countries. If you store IP's, it's debatable (lots of talk on the web), but as long as you can't use that IP to identify anyone or cross-reference the user, you are not storing anything about any "user". From the sense of private websites/servers, IP's are only used for technical/security reasons anyway.
I was under the assumption that the fonts and link to the CSS files not stored on my website were an issue.
There was debate some time ago about 3rd-party scripts adding cookies, but I'm pretty sure that's no longer the case. When these scripts/css are loaded from JSDelivr, it means your website will load much faster because the scripts are hosted on super-fast CDN, and may often be cached in the visitors browser (from other websites using the same script/css).

It comes down to opinion and how the EU law is interpreted. The law is clearly in place to prevent companies from deliberately storing user data (without consent) for usage of some sort (tracking, stats, ads etc).