rdelaloy
commented
5 years ago Adding this information here so we have it: ACTION REQUIRED: Ensure Your Sites are GDPR Compliant
On January 9, the university added a cookie notice pop-up to all GW Drupal websites. This action—coupled with an update to the university's Privacy Notice and website Terms of Use—made all GW Drupal websites compliant with data privacy laws, including General Data Protection Regulation (GDPR). However, GW websites that are on other instances of Drupal or other platforms entirely may still be non-compliant with privacy laws. Data privacy laws apply to all websites at GW, both public-facing and behind login. Specifically, ensure you sites are consistent with data privacy laws by adhering to the following If cookies are being used on the site, users must be notified and be offered methods for opting out.
Refer to the cookie notice on GW Drupal sites for language appropriate for your own cookie notice pop-ups. Include links to the Terms of Use and Privacy Notice on all pages (note the wording change from “Privacy Policy” to “Privacy Notice”). These are the official versions of these documents. They have been vetted by the Office of General Counsel and will be updated as necessary to remain compliant as data privacy laws evolve. Do not reproduce these documents on your own website. Review all websites within your organizations that are not hosted on GW Drupal and implement a cookie notice as well as ensure they link to the correct Terms of Use and Privacy Notice. These actions should be completed no later than March 1, 2019.
Resources for Drupal Developers If you host your own instance of Drupal, you can use the central GW Drupal configuration as a guide: We are using the EU Cookie Compliance module with the following settings: Permissions: Anonymous use Content Method: Consent by default. Don’t provide any option to opt out. Store Record of Consent: Do not store. Cookie Information Banner Message: Please use this exact language as it has been approved by GW general counsel: GW uses cookies and other technology on our websites to improve your website experience and to better understand how you use our websites. Visit GW’s Website Privacy Notice to learn more about how GW uses cookies and, if you should choose, how to disable them. I understand that by clicking “I consent” and continuing to use this website, I agree to GW’s use of cookies Thank You Banner: Do not enable. Appearance: Bottom Advanced: Check the box labeled “Let screen readers see the banner before other links on the page. Cookie Lifetime: 100 days For websites outside of Drupal
If you have other websites on other platforms, below are some potential resources for finding plugins or code to enable a cookie notice pop-up on your site. Wordpress GDPR plugins Insites’ open source cookie consent javascript plugin
Have additional questions?
For questions relating to data privacy and proper methods for collecting and storing user data, send an email to comply@gwu.edu. For questions about GW Drupal or implementation of the EU Cookie Compliance module, contact onlinestrategy@gwu.edu.
maxstarkenburg
Things to look into with this: