Feature wish: Blocs COOKIE CONSENT bric that is GDPR-compliant

Feature wish: Blocs COOKIE CONSENT bric that is fully GDPR-compliant

The Cookie Consent Bric by Cazoobi is not GDPR-compliant anymore since earlier this year.

Now all cookies (except the technically absolutely needed ones) HAVE TO BE blocked until ACTIVE consent by the visitor (with a click).

You can see this function in the Borlabs Cookie Consent (that I see quite often now on many websites).
However, Borlabs is a plug-in for WP only.

**Please @Norm or @ all you genius Bric developers: **
make us a GDPR-compliant Cookie Consent Bric.

That is really really important (unfortunately)…

How should Blocs know the cookies you are using?

Do you know which cookies you are using?

I don’t know if this helps, but in all my websites and my client websites I create the legal documents, and use this platform:

When you tell the country of your website they reflects RGPD and legal information regarding that specific country.

Regarding Cookies, they even have their banner and code to integrate in blocs:

And I have a few websites of my clients, I have a premium account so one time payment and can use in all my clients websites, and then the policies are in their servers so instead of copy text to the site I create links for each client policie. So if I need to change something, because I add maps, or cookies in website I change in the platform the cookie policie and it affects automatticly the client policie and I don’t need to change their websites.

Haha! Consulting this stuff is part of my day job, where do I start?

These are services, they’re not a complete product in a plugin. it hooks into your site allows service access for more advanced executions.

The Wordpress plugin is actually a wrapper for a service (and an expensive one I might add).

The plugin works easily with Wordpress sites since they are so popular, but these services work with static sites as well. They usually have a plugin for every platform, but Blocs doesn’t really need one.

Another hurdle is that the snippet of code that you add to the site is uniquely generated to work on the domain you have setup. Even with the wordpress plugin.

Why is it a service?

This is heavy stuff. It happens in the cloud. it’s nothing close to providing SEO hooks etc. It’s a robust solution that takes companies who provide it years to develop. And it’s compliant with means there are lawyers behind the effort, again not something for the design or dev tool itself to tackle.

Blocs and Cookies "out of the box"

When you make a site in Blocs, Google Analytics is generally the only Cookie you’ll have unless you add a script, code or bric that introduces more of them. many 3rd party scripts add cookies for all sorts of reasons.

Finer points

Cookies are going away eventually do to privacy concerns. I use local storage now, but the fact is that First Party Data is going to be all that’s tolerated someday. Maybe I’ll do a write up about some day.

This is where the confusion for many comes in,

These Banners you see everywhere are partially the problem, They lead you to think that the banner is all there is to GDPR compliance.

For full compliance you have to give the user an option to use your site without cookies. Think for a second how difficult that can be to do and still market effectively if you’re at scale. It’s a nightmare.

The largest project I’ve worked on involved categorizing dozens of cookies for each different section of the site, Front and Backend remember, any touchpoint for the enduser. The most robust solutions involve a complete strategy to offer cookie-less experience that still capable of some measurement. If users opt out of cookies.

But @Whittfield as you have more experience in this subject that me, is ok that I use this services right? I understand what you mean by make the website with or without cookies, but in case you need to have your website working with cookies (goggle maps, fonts, etc…) you can add like a POPUP when you enter in the website informing that specifically, that if you use the website the website will generate cookies and where, and if the user don’t want to allow the using of cookies he cannot enter in your website as its mandatory, then the NOT ACCEPTED button redirect the user to google for example.

I know that this is not the best solution, but is something right?

And about WebsitePolicies they are ok right?

To be clear, Blocs does not add any cookie by itself. If you as website creator add that Google Analytics code, the cookie comes from there, not from Blocs.

Not if they are essential to run the website. You are not able to provide a shop, if the shop requires for example a PHP session cookie. You’re just not able to disable that.

Of course this is being technical, but the other bases were covered.

The banners themselves don’t do the work of categorizing your cookies is all I’m saying.

We agree, but here’s why I explain it this way and the way. If you create the banner and don’t “curate” the cookies you can’t have an ecommerce store and be compliant in my understanding.

Hi,
this a link by @MichaelZ
Daschmi's Notizblog » Do-you-want-a-cookie? – Cookie Opt-In Script

Works really good and only pay once for a website, no monthly payment. But you have to work a little bit with code
tom

ohh this is pretty clever… and shows how much work is involved in automating this. I can dig it.

I wish I could say that

Guys, the state of GDPR problems is really, really (unfortunately) like I described in my starting post.

Some confusion may come from the fact, that to be compliant with GDPR you_also_ do have to have some specific legal text and other things, like where is the imprint, how easily can it be reached, what has to be written in the imprint etc etc etc etc.

But I was just referring to a Cookie Consent banner with the described function, that is needed now.

And some confusion may come from the fact, that the Cazoobi Cookie Consent banner which is available now, in fact WAS fully compliant.

BUT in May or June 2020 they changed all the rules (as if we all didn’t have enough problems in life already).

I have read a lot about all that and watched many hours of webinars from IT lawyers. It really IS like this now:

The Borlabs WP Plugin shows you this function.

The daschmi solution seems to do the same thing, but looks complicated to use.

Has anybody already used daschmi’s solution?

I just wish, there was an easier solution, a brick just like the Borlabs WP Plugin.

@Jannis
Yes of course, the cookies com from services that we would put into the website somehow.

And of course we also have to have the knowledge, what cookies are TECHNICALLY NEEDED = do not need any consent
and
all the other cookies which have to be INactive until active consent.

example:
I would like to implement an email tool autoresponder and this also has some tracking possibilities. Other functions of this email autoresponder are technically needed and would thus not need an active consent by the user.

I hope I could explain it better ?

Feel free to ask me about this (dreadful) topic

Has nothing to do with cookies. Imprint is also requested by German law, not for example by UK law (afaik).

It still is fully compliant if you are only using cookies, which are functional needed.

It is just not that easy. Every software running on your website (which are also YouTube iframes) would have to be embedded into a “was this cookie consent given” bric (and, btw., this functionality isn’t available in Blocs to embed content into custom bricks).

Exactly it has to with GDPR (whole EU) . I just tried to separate the Cookie Consent Banner topic from other GDPR demands that where mentioned before (like legal texts etc)

No, actually you would not need any Cookie Consent Banner in the form of just an info giving pop-up AT ALL when a website is REALLY only using purely technically needed stuff.
I even know an IT laywer who made sure his website was „clean“ like that and he doesn’t use an (annoying) Cookie Consent Banner at all.

Still it is compliant…

Well yes, when one has NO cookies that would even need consent by the visitor, you could use this brick (but you would not even have to then).

The problem is, what if one e.g. wants to show a YouTube or Vimeo video or uses some other services that bring cookies into the website?

Right now I just see no option at all to do this easily in Blocs when one wants to be compliant with GDPR (which affects whole EU).

You could always pretend to be Google. They seem to manage without a GDPR pop up.

That’s not completely true

Screenshot 2020-12-02 at 17.19.303316×2010 640 KB

Not if you use a script blocker to stop all these annoying and pointless popups, along with all their tracking cookies