Search…

X3 Photo Gallery Support Forums

Search…
 
DirkM
Topic Author
Posts: 5
Joined: 29 Dec 2017, 11:59

Contact - form

29 Apr 2018, 15:41

Hi all,

following the newest legislation on privacy in the EU, I would like to add a tick box into the contact form (although I an private person without any business activities). This tick box should ensure, that a mail can only be sent if the sender agrees to the storage and processing of his data.

Is there any possibility to install this also in our web-sites?

Example see here: https://wordpress.org/plugins/wp-gdpr-compliance/

Thank you in advance.

KR Dirk
 
User avatar
mjau-mjau
X3 Wizard
Posts: 11412
Joined: 30 Sep 2006, 07:37

Re: Contact - form

29 Apr 2018, 16:41

This would not be complicated. But can I ask, do you have an example of such a form on an actual website? I would like to witness this illogical behavior on a real (preferably professional) website.

Is there ever a slight chance, when sending an email, that the visitor would NOT agree when trying to send an email? It would be 100% implicit, if the visitor sends an email, that they agree to sending the email.

Of course, "the website" itself does not store the sent information either. Normally it would just go through the SMTP, in your settings. Just like the EU cookie law, I think this new law will be misinterpreted, and will cause more unnecessary UI junk, complicating things for visitors. Just for reference, these privacy protection laws in EU are created primarily to protect individuals from being tracked by the big companies for gain.

My personal opinions aside, yes it would not be difficult. In fact, you could already add a checkbox below the form. Leaving the checkbox unchecked, would not prevent the mail from getting sent, but what kinda human would try to send an email but not want the email to get sent? The checkbox should probably be checked by default.

Furthermore, I am wondering why it is not sufficient with some text below the form: "By using this form, you agree with the storage and handling of your date by this website."? Is there any rule in the GDPR that says it must be a checkbox?

Sorry, just would like to question these things before creating seemingly un-useful features.
 
DirkM
Topic Author
Posts: 5
Joined: 29 Dec 2017, 11:59

Re: Contact - form

02 May 2018, 19:49

The question is not, that visitors agrees to sending the mail, but they need to agree, that personal data is stored from the receiver. Personal data is defined in wide Terms. For example, taking a photography of somebody is seen as storing personel data, idependently if the person is clearly recognisable or just idetifiable (hope, this translation is correct - I mean "klar zu erkennen" or "identifizierbar"). Crazy law, I know.

Here an example of a preofessional web-site:

https://www.eulerhermes.de/kontakt.html
 
User avatar
mjau-mjau
X3 Wizard
Posts: 11412
Joined: 30 Sep 2006, 07:37

Re: Contact - form

03 May 2018, 04:30

I will add it to next release, coming within a few weeks.

Basically, it will just be a checkbox that needs to be :ballot_box_with_check:checked for the form to be valid.
 
DirkM
Topic Author
Posts: 5
Joined: 29 Dec 2017, 11:59

Re: Contact - form

09 May 2018, 12:53

Yes, please keep it as simple as possible. Just a check box - not ticked -> no mail sent. 

You keep us informed in this conversation asap you finalised?

KR
Dirk
 
User avatar
mjau-mjau
X3 Wizard
Posts: 11412
Joined: 30 Sep 2006, 07:37

Re: Contact - form

09 May 2018, 16:29

DirkM wrote:You keep us informed in this conversation asap you finalised?
Yep.
 
User avatar
GeoPal
Experienced
Posts: 180
Joined: 20 Dec 2007, 17:56

Re: Contact - form

10 May 2018, 13:04

Many users in Europe will appreciate this and use it. Thank you!
 
Ruud de Soet
Posts: 16
Joined: 11 Apr 2018, 13:42

Re: Contact - form

20 May 2018, 21:08

I think a simple checkbox is not enough because the customer must be able to read the privacy text. A simple button, linked to the text, is a pre. Then the customer can use the checkbox if he/she has read the text.
 
User avatar
mjau-mjau
X3 Wizard
Posts: 11412
Joined: 30 Sep 2006, 07:37

Re: Contact - form

21 May 2018, 04:59

Ruud de Soet wrote:I think a simple checkbox is not enough because the customer must be able to read the privacy text. A simple button, linked to the text, is a pre. Then the customer can use the checkbox if he/she has read the text.
What text do you mean to add? Do you have an example of this behavior? Even if you do "require" reading some privay text first, nobody who wants to send you an email will ever read it (when they have already clicked "consent").

You can add a LINK "privacy statement" in the checkbox text, that opens a popup modal with an extended privacy statement if you like. Technically, it wouldn't be tied in with the "required" checkbox though. They will be required to check the checkbox, which means they agree. If they actually open and read the privacy statement, is up to them. Nobody is interested in reading that privacy statement of course, just to send you an email.

PS! The "required" checkbox is ready, pending for release in forthcoming X3.25.0.
 
DirkM
Topic Author
Posts: 5
Joined: 29 Dec 2017, 11:59

Re: Contact - form

21 May 2018, 08:51

Agree - link to the "privacy statement" is sufficient.

Thank you for adding "required Checkbox" that fast.
 
Ruud de Soet
Posts: 16
Joined: 11 Apr 2018, 13:42

Re: Contact - form

21 May 2018, 10:07

What I see, when I search EU photo websites, is that a link to the privacy text is enough. I have never seen a checkbox, only a link to the text.
Maybe you can add a check box in X3, but optional. 
Here an example of the privacy text. A small text box below the contact page will link you to the text (see right bottom corner). May a good idea to add this link on the first page bottom, near the FB and contact icon.

http://www.jeffroffman.com/privacy-policy
https://www.matt-thomas-photography.co. ... cy-policy/
 
User avatar
mjau-mjau
X3 Wizard
Posts: 11412
Joined: 30 Sep 2006, 07:37

Re: Contact - form

21 May 2018, 13:47

Ruud de Soet wrote:What I see, when I search EU photo websites, is that a link to the privacy text is enough. I have never seen a checkbox, only a link to the text.
I think the point of the new "required" checkbox, is to comply the new EU GDPR "data collection" law. "Privacy policy" pages that you are referring to have been around for ages. You don't need a plugin in X3 to create your "privacy policy" page. If you want to have a "privacy policy" page, or a "required" checkbox for your contact forms, or BOTH, that will be up to you.
Ruud de Soet wrote:Maybe you can add a check box in X3, but optional.
Yes, it will certainly be optional. Essentially, you will just be able to add a checkbox input with "required" attribute and the text label of your choice:
Code
<div>
<input type="checkbox" id="comliance_agree" name="comliance_agree">
<label for="comliance_agree">I hereby agree blah blah blah ...</label>
</div>
Ruud de Soet wrote:Here an example of the privacy text. A small text box below the contact page will link you to the text (see right bottom corner). May a good idea to add this link on the first page bottom, near the FB and contact icon.

http://www.jeffroffman.com/privacy-policy
https://www.matt-thomas-photography.co. ... cy-policy/
Yes. Is there a specific request in regards to this? You can already add privacy policy pages to your X3 website, and include a LINK to it from any contact form. There is no need for any extended X3 functionality to achieve this. For those who want to use the "required checkbox" (must be checked before the form can be submitted), this feature is coming shortly.
 
nkamp
Posts: 10
Joined: 26 Mar 2013, 20:41

Re: Contact - form

09 Jun 2018, 13:50

A client came to me with the same question and this example: AVG/GDPR example
 
User avatar
mjau-mjau
X3 Wizard
Posts: 11412
Joined: 30 Sep 2006, 07:37

Re: Contact - form

10 Jun 2018, 07:13

This feature is already added to new X3.25.0.
www.photo.gallery/blog/photo-gallery-X3-25/

It's simply a required checkbox, where you can write whatever you want in the label. If visitor attempts to send the form without checking the box, the form will not send, and checkbox will highlight and focus as in below screenshot:
Image
Code
<div>
  <input type="checkbox" id="consent" name="consent" required>
  <label for="consent">Text here</label>
</div>
 
User avatar
mjau-mjau
X3 Wizard
Posts: 11412
Joined: 30 Sep 2006, 07:37

Re: Contact - form

03 Aug 2018, 10:23

Hi folks. The GDPR "required consent" checkbox is already available in release X3.25.0. I would like to mention however, after working with this plugin and studying the compliance requirements, I am even more opposed to using a "required consent" checkbox for contact forms. This "required checkbox" concept is a misinterpretation gone viral. Seems some just want to add plugins for everything because they exist.

1. The EU Isn’t Coming For You
Before anything else, let's summarize how this guide elaborately puts it:
GDPR primarily aims to regulate businesses that do a lot of data processing - and especially businesses that make their money from selling or “exploiting” the data they collect about people.

Think: data harvesting giants like Facebook or Google.
2. Where does the "required checkbox" come from?
There is absolutely no rule or mention in any GDPR regulation about requiring a checkbox in any way to require consent.

3. Why are you requiring consent just to send an email anyway?
A contact form in X3 is used strictly to SEND an email from visitor to YOU. X3 does not store anything. The website does not store anything. The server does not store anything. As long as you are not harvesting the emails into newsletters, you are not collecting data. What are you trying to require consent for? If this was required, then Gmail and Hotmail would have to include this checkbox into their online mail applications also.

4. Even if you were collecting data ...
Ok, let's pretend the form IS actually collecting names and emails for a NEWSLETTER, and not just sending an email. If you explicitly make it clear by TEXT in the form what the visitor is committing to when "signing up", that is already acceptable as "explicit consent". Again, there is no mention of "required checkbox" in GDPR regulations ... The only regulation you need to comply to is:
The “tell me what’s going to happen” right: the citizen has the right to be told what will happen with personal data before it is submitted and the data shall only be used if explicit consent is given.
5. Let's look at ALL consent conditions in layman terms:
  1. The “tell me what’s going to happen” right: the citizen has the right to be told what will happen with personal data before it is submitted and the data shall only be used if explicit consent is given.
  2. The “show me my data” right: the citizen has the right to know what data is being collected about them, why it’s being collected and how it’s being used.
  3. The “I want to change that” right: the citizen has the right to have data modified or updated.
  4. The “forget about me” right: the citizen has the right to have their private data removed completely.
It is safe to say that #2, #3 and #4 do not apply when visitor is sending an email in contact form. Even if they were, it would not be difficult for you to satisfy those requirements on request. If you are paranoid, you could for example write "We do not store your email in any way, and it is only used to reply to your request".

6. It's really dumb
Considering the above, and that there is no mention of such "required checkbox" for contact forms, this is a really dumb solution. If the visitor fills email, name, writes a message, and clicks "SEND", then of course they want to send the email to you, and will expect a reply. What kinda logic would have it that they would fill the contact form, send, but refuse to allow you to reply? This is just another negative factor for the visitors user experience.

Also, there is another twist:
https://thrivethemes.com/gdpr-for-email-marketing/
Under GDPR, you are not allowed to disadvantage anyone because they don’t provide consent. That means in a form like this one, you can’t make the checkbox required.
Ok, so what should I do?
  • Nothing, unless you are categorically storing the users data for specific reason.
  • If you are paranoid, you could write something like "We only use your data to reply to emails, and do not store emails for marketing or any other specific purpose".
  • Are you adding incoming emails into newsletter or spamming emails with marketing? Then, YES you would have to make this clear up front, possibly by using checkboxes.
  • Don't worry. Eu are not out to get you. Even if they were, you would simply need to prove the FOUR POINTS noted in #5 above.