GDPR Compliance and Osclass script

[Aficionado]

This

https://iapp.org/news/a/top-10-operational-impacts-of-the-gdpr-part-8-pseudonymization/

remains as a mystery for me, since i think it can't be done without changing the core of any script (Joomla, Wordpress, Osclass).

[marius-ciclistu]

This is "nice"...... So you should keep the phone number, name and email address in another db or what? And even more, if someone sends a contact message for a car add, for example....the car's image is also an identifier....

[Aficionado]

This is "nice"...... So you should keep the phone number, name and email address in another db or what? And even more, if someone sends a contact message for a car add, for example....the car's image is also an identifier....

I have no idea at all.

Also see here for some information (Invision board is a popular standalone forum php script) :

https://invisioncommunity.com/news/product-updates/how-invision-communitys-tools-can-help-with-gdpr-compliance-r1052/

[marius-ciclistu]

Maybe 1% of the users will read there gdpr on some websites......

[osclassics]

Is there still no OsClass plugin for this?

[marius-ciclistu]

Aficionado, it just occured to me that some users are posting ads without an account  if the webmaster allows it. I don't use this feature, that's why I ask: How is the data of those users handled in DB? In the same way as it is with the registered ones?

[Aficionado]

Aficionado, it just occured to me that some users are posting ads without an account  if the webmaster allows it. I don't use this feature, that's why I ask: How is the data of those users handled in DB? In the same way as it is with the registered ones?

Yeah, i don't use that either. I guess some data are also saved since you are given a link to edit/delete the ad.

[marius-ciclistu]

Will this stand also on item inquiry form? Although it doesn't save any data when email is sent, some data is processed and if you use More edit plugin a get a copy of each inquiry, does this counts as storing the data then? 

Also, the cookie plugin Cookie Consent offers only "I understand" button for cookies, which are loaded regardless of you would want to accept them. By the new rules, none of the cookies will be automatically installed, if user does not click I accept. Not even analytics tracking, so expect some noticeable falls in visitor stats.

Hi. I saw that osclass without any plugins is using one cookie that expires in 1969. Do you lnow more about that? What does that cookie contain?

Also if google analitics has a code in my osclass, __utm...cookies are used. If the used doesn't allow tracking it can set that into it's browser. ANd that means these __utm... cookies doesn't have to be accepted by the user?

If not then I gues I must remove the analytics code(anyway it has no use for me..)

EDIT. At a closer look with firefox this is a session cookie.

[calinbehtuk]

Salut marius. Nu cred ca ar fi ok sa lasi link-ul spre magazinul meu. Nu cred ca cei de la osclass ar fi de acord. Ar fi mai ok sa-l scoti.

[marius-ciclistu]

..We'll end up  with all the sites having a pop-up to accept cookies before visiting the site, just like the adults one have... if the cookies must be accepted by the visitors before viewing the site.

[osclassics]

..We'll end up  with all the sites having a pop-up to accept cookies before visiting the site, just like the adults one have... if the cookies must be accepted by the visitors before viewing the site.

Ehm, no.

GDPR is a LOT more complicated than this.

[marius-ciclistu]

I know, but I was just pointing out the effect of having tho accept cookies and only then load them.
I did not found yet the purpose of the cookie used by osclass that has a random string name with exp date 1969.

[marius-ciclistu]

Regarding the session cookie. I've read that is used for secuity instead of server session. Is there anything more that need to be added to this statement?

[marius-ciclistu]

quote from
https://www.itgovernance.eu/blog/en/how-the-gdpr-affects-cookie-policies/

Cookies are mentioned only once in the EU General Data Protection Regulation (GDPR), but the repercussions are significant for any organisation that uses them to track users’ browsing activity.

Recital 30 of the GDPR states:

Natural persons may be associated with online identifiers […] such as internet protocol addresses, cookie identifiers or other identifiers […]. This may leave traces which, in particular when combined with unique identifiers and other information received by the servers, may be used to create profiles of the natural persons and identify them.

In short: when cookies can identify an individual via their device, it is considered personal data.

Now please give your opinion about the osclass cookie that osclass uses by default (as PHPSESSID I gues, or if i'm wrong, please correct me).

How can we implement the loading of that cookie only after the user acceptance?

I thought about a bar in footer with some text and the accept button , that @ click anywhere in the viewport or scroll should zoom out to blur the whole viewport of the page asking for accept of that cookie in order to browse the website. I gues in this way, SEO won't be affected.

Once that accept is clicked, the action could be recorded in the browser's globals via JS and in this way the bar will be hidden until the user closes that tab or browser.

Of course the display of that bar should be done only if the accept is not stored in browser's globals array, else the

Code: [Select]

display:none; could be used.

In a similar way can be implemented the acceptance for analytics cookies sent by google, but here a footer bar can be used without mandatory action from user, in the way that the user can decite to refuse them, and still be able to use the website.

I don't know  for sure if google rankings are based on analytics or not....and how this will affect google rankings...

I hope a free extension will be made for this, NOT a payed one as the tine needed for it is not so much(cookies consent)...

If we agree uppon a solution, I could share the mods needed in core and bender theme.

[Aficionado]

Personally i don't like the idea of having users to click here and there, to be able to view my site. I think the cookies plugin is enough right now.

Because if i use 10 3rd party of scripts, i shall have 10 options ? I don't think so. It is crazy. One page with all the information is enough.