You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm not a lawyer, but I think we might be making fools of ourselves with this cookie banner (see screenshot) that doesn't even meet current EU legislation demanding an "opt in" to all tracking and non-essential cookies and not accepting plain "Accept"-banners any longer...
I ran an automated conformity test, and the _ga and _gid cookies (Google Analytics) need to be locked until explicitly accepted by the user in an opt-in fashion. The website I used marked the other cookies from CloudFlare and Stripe as essential and therefore compliant.
This website uses cookies to analyze our traffic and only share that information with our analytics partners.
Accept
I am not a lawyer, but I don't think this is sufficient per GDPR/EU cookie law. You have to have the option to turn off unessential cookies, and GA falls into that category imho. I think it even needs to be opt-in instead of opt-out.
I'm not a lawyer, but I think we might be making fools of ourselves with this cookie banner (see screenshot) that doesn't even meet current EU legislation demanding an "opt in" to all tracking and non-essential cookies and not accepting plain "Accept"-banners any longer...
https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_guidelines_202005_consent_en.pdf
I ran an automated conformity test, and the
_ga
and_gid
cookies (Google Analytics) need to be locked until explicitly accepted by the user in an opt-in fashion. The website I used marked the other cookies from CloudFlare and Stripe as essential and therefore compliant.Report can be found in the corresponding Slack discussion: https://owasp.slack.com/files/U1S23SNE7/F016556FB61/report-owasporg-4183554.pdf
Sent from my Pixel 3 XL using FastHub
The text was updated successfully, but these errors were encountered: