Fixed Several important pages can't be (easily) accessed depending on user status

[Kirby]

Affected version

2.0.6 Beta 2

If a user is either

• Banned
• Rejected
• Disabled
• Discouraged

it is not (easily) possible to access Cookie Help, Privacy Policy and Terms of Service.

Those pages pages should always be accessible.

 

[Ozzy47]

I do not see why, none of those user states need any of that.

 

[Kirby]

I'd argue that they do, at least I can't find anything in GDPR that states that users with limited access to a website do not have the right to be informed about cookie usage and privacy policy on that website.

Yes, they can log out to view those pages but I highly doubt a court would find that acceptable as it is not intuitive at all and it requires at least 3 clicks (Profile, Log Out, Page) to get there.

Generally courts (at least in Germany) tend to set a limit of 2 clicks to access such information as there has been ruling (I ZR 228/03) by German Federal Court (Bundesgerichtshof) that an imprint page reachable within 2 clicks is compliant:
http://juris.bundesgerichtshof.de/c...006&Sort=3&Seite=10&nr=37635&pos=322&anz=2105

This is a blog by a German Lawyer dealing with GDPR Compliant Privacy Policy
https://wss-redpoint.com/update-die...kten-zur-rechtssicheren-datenschutzerklaerung

English translation of the relevant part:

However, some things do not change. Thus, the privacy policy can continue to be kept on the website via a link. As usual, this should be clearly labeled "Datenschutz" (Privacy Policy) or "Datenschutzerklärung" (Privacy Policy) and accessible from any (sub) page with a maximum of 2 clicks.

 

[Chris D]

I'd argue that in some of these cases, they've lost some of their rights, but whatever. Done.