search

TyMaszWeb / django-cookie-law

Helps your Django project comply with the EU cookie regulations by displaying a cookie information banner until it is dismissed by the user
BSD 2-Clause "Simplified" License
140 stars 69 forks source link

GDPR compliance #54

Open kwisatz opened 5 years ago

kwisatz commented 5 years ago

Banners that can only be dismissed aren't compliant with GDPR. Are there any plans to augment this plug-in to make it compliant and ask for consent (opt-in) ?

piotrkilczuk commented 5 years ago

Hi @kwisatz,

Thanks for making me aware of that. I have updated the readme to let potential users know.

I've had a quick look at PECR/GDPR and looks like this would require quite a bit of work (but it's an interesting challenge). As far as I know, Django will not bother with obtaining a user's consent before it sends a Set-Cookie header - so I'm curious how we could make that 'conditional'. Probably by using a custom middleware that inherits from the default ones.

I didn't have any immediate plans to add more functionality to this project, but who knows...

(I am more than happy to accept PRs of course)

9mido commented 3 years ago

Look at https://github.com/bmihelac/django-cookie-consent

This is fully GDPR compliant. It is a free replacement for a paid cookie consent product.

Would appreciate others to contribute to this project as well.