Jump to content

Cookie Management Banner


adrian

Recommended Posts

1 minute ago, bartelsmedia said:

Sure, just kindly meant as a suggestion to add this to the offered presets.

Hi @bartelsmedia - sorry, but I don't really have the time / inclination to support this module, but I am happy to accept PRs. Personally I thought these banners were almost designed to overlay content on purpose so that they can't be ignored.

Link to comment
Share on other sites

I don't want to undermine your suggestion but in my opinion the presets are fine.

There is no one-size-fits-all-needs solution in this case. All websites are different in the matter of design and how it was achieved.

I think the provided solutions are a very nice foundation that almost work in most situations already. At least they are a good starting point to build custom solutions later on.

  • Like 1
Link to comment
Share on other sites

  • 3 months later...

Question on behalf of those who are not fluent in JS.
I read through the js code but still not much smarter on how to setup Google Tag Manager so a tag would fire once consent was given.

If I understand correctly I can setup a trigger in GTM that it checks. But would that trigger without page reload?
I want Google Analytics report the current page load as soon as the consent is given so I won't loose tracking the entry page.

Does the tag manager automatically tracks changes in the dataLayer or only on page load?

Link to comment
Share on other sites

  • 1 month later...

Hi Adrian,
Thanks for the great module, it really is very easy to get involved. However, in order to comply with the GDPR, the user must be able to decide again after each session whether he agrees or not. I can not find this function. Is it possible to install this?

Link to comment
Share on other sites

3 hours ago, guenter55 said:

the user must be able to decide again after each session whether he agrees or not

After each session? I really doubt it but where did you get this info?
Didn't find that session thing on eRecht24, WBS, JanoLaw and others. I source for that would be awesome!

If that's the case some parts of the module/script need some changes to reduce cookie lifetime. 

Right now the cookies live quite a long time - as the user opted-in or out.

Link to comment
Share on other sites

3 hours ago, wbmnfktr said:

After each session? I really doubt it but where did you get this info?
Didn't find that session thing on eRecht24, WBS, JanoLaw and others. I source for that would be awesome!

This is evident from the legal text that has been cited many times by various websites. That may be handled differently in different countries. It goes so far that also has to be saved, who has given an approval. You can do this here e.g. read, I quote from it:

"Clearly, after the session ends and the link between the user and the session is destroyed, you will need to seek fresh consent each time the user returns to your website."

Link to comment
Share on other sites

I don't know where those various websites you mention quote their text, the below quote is directly from https://gdpr.eu/gdpr-consent-requirements/:

"The GDPR does not indicate a shelf life for consent. Theoretically, a person’s consent is indefinite"

It is a requirement though that a person must be able to revoke their consent at any time. But asking them each time is just bad user experience in my opinion.

  • Like 2
Link to comment
Share on other sites

14 minutes ago, Jozsef said:

I don't know where those various websites you mention quote their text, the below quote is directly from https://gdpr.eu/gdpr-consent-requirements/:

"The GDPR does not indicate a shelf life for consent. Theoretically, a person’s consent is indefinite"

It is a requirement though that a person must be able to revoke their consent at any time. But asking them each time is just bad user experience in my opinion.

Thanks for your link, I will read later. You are right, it is annoying for the user.
I'm not an expert right now and maybe I misunderstood it, too, and that means that once you save it as a personal attitude, it may take longer.

But in any case - and you write that too - the user has to be given the opportunity to revoke a given consent every time he returns to the website (ie when he has closed the browser window and has finished the browser!) ,

Hence my question @adrian earlier.

@adrian: after writing this, I thought about looking in the module directory and found in the readme:

Quote

... that will allow the users to show the banner even after they have saved their preferences / accepted.
`` `
<a href="#cookies" class="js-pwcmb-notice-toggle"> Manage Your Cookies </a>
`` `


This answers my question, but Adrian, maybe there is the possibility to define this in the module settings and with a small "flag" at the end of the website to call a button for it, as I believe in Silktide.

Link to comment
Share on other sites

41 minutes ago, guenter55 said:

This is evident from the legal text that has been cited many times by various websites.

Those are?

42 minutes ago, guenter55 said:

It goes so far that also has to be saved, who has given an approval.

It's in the cookie. Saving it server-side would open even more gates therefore some solutions are not GDPR-safe as they save it on their servers.

43 minutes ago, guenter55 said:

You can do this here e.g. read, I quote from it

Where is that quote from?

 

By now I have a solution on some of my personal projects that are approved by lawyers to be GDPR-safe and those could collect tons of data... just by one cookie and one click.
I paid lots of money to be safe ... so your sources would be really nice as I could get some money back - maybe.

  • Like 1
Link to comment
Share on other sites

5 minutes ago, wbmnfktr said:

Those are?

It's in the cookie. Saving it server-side would open even more gates therefore some solutions are not GDPR-safe as they save it on their servers.

Where is that quote from?

 

By now I have a solution on some of my personal projects that are approved by lawyers to be GDPR-safe and those could collect tons of data... just by one cookie and one click.
I paid lots of money to be safe ... so your sources would be really nice as I could get some money back - maybe.

I've read so many websites that I do not want to list that now. Every time I think the GDPR has to be right now, I read something and become uncertain again.

Sorry, I forgot the link: https://ico.org.uk/media/about-the-ico/consultations/2013551/draft-gdpr-consent-guidance-for-consultation-201703.pdf

Exactly - never ask a lawyer, then it's really long and expensive ?
Of course they do that exactly to protect themselves. The problem is that there are so many uncertainties that many points have to be judged first.

But I believe that with a legal discussion here we break the question to the module and are off topic.

  • Sad 1
Link to comment
Share on other sites

Thanks everyone for the recent discussion on this - the intricacies of GDPR are not my forte. 

19 hours ago, guenter55 said:

This answers my question, but Adrian, maybe there is the possibility to define this in the module settings and with a small "flag" at the end of the website to call a button for it, as I believe in Silktide.

Sorry, I don't really understand what you are looking for here - I don't think the module should always output a "Manage Your Cookies" - I think this needs to be something that the site developer decides where it should go and how it should be styled. Or maybe I am confused by what you want?

  • Like 1
Link to comment
Share on other sites

4 hours ago, adrian said:

Sorry, I don't really understand what you are looking for here - I don't think the module should always output a "Manage Your Cookies" - I think this needs to be something that the site developer decides where it should go and how it should be styled. Or maybe I am confused by what you want?

I'm sorry if I confused you a bit.
To solve the confusion: most cookie banners have only one button with 'OK'. In this case, I think that according to GDPR after each end of the website and closing the browser, the user must again confirm the OK button.

In the case of your cookie banner, the user can save his decision and that obviously lasts according to the GDPR law (thank @ Jozsef's explanation) until the user wants to decide again whether to accept cookies or decline (this is mainly about GA , Matomo etc. or Marketing Cookies). But where - that was my question. The answer I found later in the readme: I have to program it myself ... ?

You are right that the developer or programmer can program how and where the user cancels his consent. Only I like to use such a module as a black box. I set the functions and nothing is left to do. ? Therefore I would have liked the idea quite nicely if you make a slide-button (a small tab) at the bottom of the website, which shows the possibility of the revoke, so that I can easily set that in the backend, if I want that or not. I found this here: https://cookieconsent.osano.com/examples/example-4-opt-out.html

Some like such a solution, some do not. I think I remember that the GDPR law provides that it must be made as easy as possible for the user to make a revoke. For me as a designer, this solution appeals. Maybe not really necessary, but still.

Link to comment
Share on other sites

Sorry, @guenter55 - I don't see anything in that example at osana.com that looks like a way to revoke consent after they have already given it. In my mind the link to revoke after initial accepting isn't something that can really be part of the module because where it should physically appear is specific to every different website - it's not something that can be in an overlay banner like the initial accept/deny option.

  • Like 1
Link to comment
Share on other sites

The demo at https://cookieconsent.osano.com/ gets actually blocked from most (of my installed) adblockers in their default settings. Which is quite interesting. Maybe that's the reason why I don't see those banners that often anymore.

But back to your question... you already found the link to trigger the cookie management tab/banner. You can place it whereever you want and whenever you feel the need for it. So your idea of a slide button already exists - somehow. You have to style it anyway for each project. It's just another link - or whatever you want it to be.

I personally place it on my privacy page at a some places with various labels (disable Google, disable cookies, revoke cookie decision, and so on...). 

<a href="#cookies" class="js-pwcmb-notice-toggle">Change cookie settings / revoke decision</a>

Your Silktide example shows it's "Sorry, changed my mind" banner only once, right after accepting or denying cookies. At least in all demos I found. You or a developer you work with could check if the cookie is either set or has a defined value to enable the above mentioned link - there are a few ways to do so.

Another option would be a fork of the module and changing the lifetime of your cookies to day or a week.

  • Like 1
Link to comment
Share on other sites

24 minutes ago, wbmnfktr said:

Your Silktide example shows it's "Sorry, changed my mind" banner only once, right after accepting or denying cookies.

I don't see it at all - using Brave Browser, but thanks for pointing out that there is actually something there when it works.

Link to comment
Share on other sites

But again, I wouldn't disturb my visitors with yet another popup once they are happy that the original one has disappeared and they can finally get to their business. It's a legal necessity, I get it but most users I talk to hate them, myself included. So I stick to the very minimum that must be done and don't overdo it. I have a link in the footer that brings up the banner (as per instructions) but I won't invite the visitor to change their minds. ?

  • Like 2
Link to comment
Share on other sites

10 minutes ago, wbmnfktr said:

Brave might block the whole script actually - and I like it.

This "Sorry, changed my mind" thing appears top/left or bottom/right after clicking "Ok... got it!".

You have to look for it actually. I almost always miss it.

All I see is this:

image.png.bd762fe09cd4db0fce479371f35386fd.png

but it's almost completely hidden until you hover over it.

Anyway, as I think we all agree - this is all a PITA and I think we should interrupt the user as little as possible.

  • Like 1
Link to comment
Share on other sites

  • 3 weeks later...

The module itself is more like a toolkit. It looks for a cookie to show/hide the banner and sets value(s) depending on the user's choice and your settings. Based on that decision and your settings you can build up your more complex logic if needed.

Quote

You can wrap your tracking/marketing cookie code in a check for the localstorage key of: pwcmbAllowCookies

if(localStorage.getItem('pwcmbAllowCookies') == 'y')

Source: http://modules.processwire.com/modules/cookie-management-banner/

That snippet allows you to trigger/load Matomo, Google Analytics, Tag Manager, Amazon, whatever. Play around with the module and keep an eye on all the cookies/localStorage values and when they get set.

So... coming back to your question: if the user neither allows, nor denies cookies the module does almost nothing. There is an option to autofire/allow cookies/track visitors but at the end you always decide what happens in which case.

You could build something like this: https://github.com/webmanufaktur/CookieManagementBanner/blob/master/assets/html/CookieManagementBanner.OptInOut.html

  • Like 2
Link to comment
Share on other sites

We could call it a marker of some kind. Yes. And everything around it. 

As said... install it and play around. There are tons of things you can change, edit and do with it.

Depending on the tools, cookies and things you want to use, you might want to extend parts of the module with your logic and functions.

Link to comment
Share on other sites

Thank you very much for the module. Based on latest EU legislation, cookie consent requests must default to NO.

However, if clicking the X in the top-right of the cookie consent dialog, it seems to default to YES:

But it is even worse: In the cookie consent management, no choice is indicated, leaving visitors clueless, whether cookies are stored (while they actually are).

This really seems to be a bug which can bring users into troube. Could you please update the module, so that no cookies are allowed until the user expressly agreed to it?

  • Like 1
Link to comment
Share on other sites

As you allow users to manage their decision/choice change one line in your module and it's done.

notice.tpl.php - Line 18

<span class="pwcmb-widget__close js-pwcmb-manage-cookies">Close</span>

Instead of accepting cookies the user has to choose now wether he allows or denies cookies.

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...