Duplicate Change the Cookies Notice, to be dismissed without redirecting to login page, since most of the browsers now have script blockers

deslocotoco

Well-known member
Hello guys,

As we all know, the GDPR is going worldwide (LGPD in my country, for example, is a copy-paste law from the GDPR) and the Cookies Notice is giving me some headcache, not that my law in my country in specific comply any website to show the cookies notice (just a clear and plane, objective text about Privacy Policies).

As we know, the vast majority of browsers have script blockers by default, and, every time a guest enter in my website, they see the Cookies Notice, and after clicking accept or 'More Information', they automatically are redirected to the login page.

I already asked about this thing in the support nodes in XF, but, as far i remember, we need our users to disable the blockers to properly use the site and guys, WE KNOW that the guest will close our window if they redirect to a login/sign-up page.

Well, obviously this is not a good implementation, a simple html banner should do the trick. The Cookie Notice doesn't have to be a so complicated thing.

And now, as far i know from international laws, the Cookies Settings and Customization are a reality now, basically any WordPress page have a plugin to do this "I Accept" - "I Don't Accept" - "I Want To Customize Cookies Settings".

Whatever. Just bringing a issue to the community to see whats happen.
 
Upvote 2
This suggestion has been closed. Votes are no longer accepted.

Kirby

Well-known member
XenForo cookie notice is not compliant with GDPR anyway (according to german authorities and our data protection officer at least) as it is just a notice and not a confirmation.

Users could just ignore it and continue browsing the site which would set cookies (for Google Analytics, Facebook, YouTube, etc.) without consent.

Furthermore, cookies that are not strictly necessary but used for tracking (like xf_from_search) might already have been set even before the notice is displayed.

If you need smth. compliant you need a full-blown consent management solution like CookieBot, Usercentrics, Consentmanager.net, etc. which is still somewhat hard to properly integrate with XenForo.

There are quite a few threads/suggestions already:
 

deslocotoco

Well-known member
XenForo cookie notice is not compliant with GDPR anyway (according to german authorities and our data protection officer at least) as it is just a notice and not a confirmation.

Users could just ignore it and continue browsing the site which would set cookies (for Google Analytics, Facebook, YouTube, etc.) without consent.

Furthermore, cookies that are not strictly necessary but used for tracking (like xf_from_search) might already have been set even before the notice is displayed.

If you need smth. compliant you need a full-blown consent management solution like CookieBot, Usercentrics, Consentmanager.net, etc. which is still somewhat hard to properly integrate with XenForo.

There are quite a few threads/suggestions already:

Well dear Kirby, you did a much better job than me bringing this subject to the attention. As a lawyer I'm the administrator and DPO of my site at the same time.

In my country, the rules for cookies are more flexible, but in terms of user consent is equally to Germany or EU in general terms.

Thanks for your contribution.

I think XenForo should pay more attention to this matter since the scale of the repercussion is worldwide and apply to all of the costumers from XF.
 
Top