SachaG
commented
3 years ago Sorry, what do you mean? Not allowed how?
Open dreitzner opened 3 years ago
SachaG
commented
3 years ago Sorry, what do you mean? Not allowed how?
dreitzner
commented
3 years ago When you open the link from the email it has the email address inside of the URL, which is a personal identifier and not allowed under GDOR 😉
SachaG
commented
3 years ago Do you have a reference? What exactly is the issue here? By definition the email address is already included in the email to field, so is the issue the fact that it's being included in the link?
dreitzner
commented
3 years ago Yes it is just the fact that the email is in the URL. Here is a great article: https://support.google.com/google-ads/answer/6389382?hl=en-GB
SachaG
commented
3 years ago OK, I get the issue now. The risk is leaking the URLs to a third-party through tracking? If that's the worry, we don't use any analytics so I think we're ok on that front. I'm not sure that alone makes it an issue with the GDPR though?
The emails are passed to enable prefilling the log in form to save time, I'll see if there's any other way to do it that doesn't require passing the email in the URL.
Links are not allowed to have personal identifiers: https://stateofcss.com/?source=stateofjsemail&email=email@example.com