Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Permission for using cookies #2821

Open
4 tasks done
Posoroko opened this issue Feb 29, 2024 · 2 comments
Open
4 tasks done

Permission for using cookies #2821

Posoroko opened this issue Feb 29, 2024 · 2 comments
Labels
feature request v8

Comments

@Posoroko
Copy link

Posoroko commented Feb 29, 2024
edited

Describe the feature

Because it is illegal ( in the EU, at least ) to set cookies on a user's machine without asking for the right permission first, it would be very usefull to have the i18n module to not set any cookie before the permission has been granted.

I've researched a solution to this problem, and I've found nothing.

In the i18n config, we could specify a cookie name that needs to exist before the module actually sets the cookie.

Additional information

  • Would you be willing to help implement this feature?
  • Could this feature be implemented as a module?

Final checks
@Mat4m0
Copy link

Mat4m0 commented Mar 2, 2024
edited

From what I know, it is allowed that you can set cookies without consent as long as they are technical and are necessary for the site to function.
To show the user the right language is, in my opinion, 100% technical and necessary for a site to function.

Source: (German)
https://www.datenschutz.org/dsgvo-cookies/

Translated:

  • When does the General Data Protection Regulation (GDPR) allow cookies?

If their use involves the processing of personal data, cookies are only permitted under certain conditions under the General Data Protection Regulation. According to the GDPR, a website may only use cookies that are not technically necessary if the user has consented to this.

  • Which cookies must be pointed out?

In principle, reference must be made to all cookies that are not technically necessary to ensure the operation of a website. A mere reference to their use is not sufficient, as the user must first expressly consent to their use. How cookie settings can be made GDPR-compliant is explained in more detail here.

  • Which cookies may be set without consent?

Consent is not required for cookies that are technically necessary to provide the basic functions of a website. However, a GDPR-compliant cookie consent tool or cookie banner must offer the user the option to choose between necessary and non-necessary cookies.

@Posoroko
Copy link
Author

Posoroko commented Mar 2, 2024

@Mat4m0 Thanks for your response. I feel this is a tough subject because it's fair to pretend that some people wouldn't want any cookie to be set locally. I personally find it weird that a website I only visit once ( to read about animating a border in css ) would store a cookie to remember my preferred language.

Is it exaggerated to image that we could ask permission before using the local storage in any way ?

I'm ok with the idea of some cookies being "basic site functionality" ...
but as a dev, I feel it would be nice to be able to make cookies conditional to the user's decision.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request v8
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@BobbieGoede @Posoroko @Mat4m0