chipzoller
commented
3 years ago Because this theme does not make use of cookies at all (@onweru to correct me) it's GDPR ready out of the box.
Open asitav-sen opened 3 years ago
chipzoller
commented
3 years ago Because this theme does not make use of cookies at all (@onweru to correct me) it's GDPR ready out of the box.
onweru
commented
3 years ago Because this theme does not make use of cookies at all (@onweru to correct me) it's GDPR ready out of the box.
@chipzoller, you're right. However, some people may use something like google analytics which has cookies. This way, I think adding the popup would be helpful. This popup will have a GDPR knob on the config so that it's optional. I too didn't think of this before.
chipzoller
commented
3 years ago This sounds like something we should implement.
asitav-sen
commented
3 years ago Thank you!
joesan
commented
2 years ago Is there an update on this?
chipzoller
commented
2 years ago @rootwork is this something you'd be interested in taking up?
rootwork
commented
2 years ago Sure! I'll have to think about what kind of optional settings and stylings we'd want to provide, but technologically triggering the presence of a partial with some setting in config will be straightforward.
@asitav-sen @joesan If you have suggestions on what you'd like this to look like, feel free to share. (Obviously the wording in the pop-up/over/dialog would be configurable.)
asitav-sen
commented
2 years ago @rootwork Thanks. I shifted to 'Plausible' and hence won't need anything specific. However, had I been using some cookies, I would have loved to have the following features.
rootwork
commented
2 years ago That makes sense. I think some laws -- is it the French law? -- requires that one be able to disable cookies not required for a site to function but still be able to use the site. So if we allowed for 2a it'd probably have to be possible to bypass it.
And for 2b I'm not sure what a Hugo theme should proactively do in terms of cookies set by third-party scripts. Provide a list of elements to remove from the DOM? Add a class to <body> so that scripts could hook off of it and disable themselves? I don't want to get into a place where we have to research every third-party script to be able to figure out how to turn them off; I think that's a site owner's responsibility, not the theme's.
1 and 3 are easy enough to do. And in terms of 1 I agree that it should provide the option of being a bar, since that's common practice at least in the US where notification is required but acceptance is not (meaning a popup obscuring the page is more intrusive than necessary).
Also I'm not up to date on all the laws; I know about GDPR and the California law, and the Canadian law that I believe is similar to California's. But as I mentioned there's the one I think is in France, and there are probably others outside of Europe/North America too. So I'll have to read up on it.
asitav-sen
commented
2 years ago Yes. In general if the user does not agree, the website should be served without cookies (only the essential ones). By 2 b. I indicated serving website without non-essential cookies. Hence the correct term should not be 3rd party cookies. It should be non-essential cookies. I realized that it could be complicated. That with why I mentioned 2b. Some website owners may not want the website to be served to those who do not want cookies. Hence, the first option. There is nothing illegal about it (unless it is some sort of essential service). Ideally, certain cookies (google, facebook, bing,yandex...) that record or use personal information should not start, unless the user agrees.
tech4normies
commented
2 years ago Is this still being developed?
joesan
commented
2 years ago Is there an update on this?
rootwork
commented
2 years ago I don't think there is any active development on this. We would certainly accept PRs.
Also it might be worth separating this into two things:
The first seems like something that it would make sense for a theme to have; the latter seems like it might be outside the scope of a theme and should probably live as a Hugo module or something.
chipzoller
commented
2 years ago Because this is fairly heavily requested, we should bump this up in priority.
sazstuff
commented
1 year ago Just like you use disqus, which is pretty easy to sign up, free for basic use, and just has a javascript plug-in, you could just support something like Osano for this need https://www.osano.com/plans
On Wed, Aug 24, 2022 at 6:32 PM Ivan Boothe @.***> wrote:
I don't think there is any active development. We would certainly accept PRs.
Also it might be worth separating this into two things:
- A cookie disclosure banner would be easy to implement; we'd just design it, make the text a configurable string, and then provide a setting to enable or disable it.
- A cookie control banner -- that would let you accept or reject certain cookies -- would be considerably more involved, because it would have to integrate into the third-party systems (which means we'd have to decide which to support) in order to actually have some effect, and then we'd have to ensure that it actually did what it said since we'd be implying some level of legal responsibility under GDPR etc.
The first seems like something that it would make sense for a theme to have; the latter seems like it might be outside the scope of a theme and should probably live as a Hugo module or something.
— Reply to this email directly, view it on GitHub https://github.com/chipzoller/hugo-clarity/issues/181#issuecomment-1226524722, or unsubscribe https://github.com/notifications/unsubscribe-auth/A2GJPY5QS2E3NX7IGVVJAJLV22PILANCNFSM46CPOQFQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Hi Chip, Thank you for your awesome work! I was wondering if it is an option to include a cookie consent pop-up in the theme, with the provision to no allow the user to access the website without the consent. Thanks to GDPR, this has become a very common requirement.