GDPR compliance?

[SocketPup]

As you are probably aware, sites available to EU-people requires GDPR-compliance.
Are there any Joomla extensions for this? If so, which one(s) are the best/easiest to use?

Thanks.

[pe7er]

As you are probably aware, sites available to EU-people requires GDPR-compliance.
Are there any Joomla extensions for this? If so, which one(s) are the best/easiest to use?

The GDPR privacy law is meant to protect the privacy of EU citizens.
So try to minimize the gathering, handling and storage of personal data.
Make sure that the company of the website has a processing index in which they document:

• what personal data they process
• the effected persons
• how long they store the data
• with whom they share the data (the recipients)
• how they protect that data

Some 3rd party extensions have options to limit the storage of personal data.
E.g. RSForm Pro has an option to remove the submitted form data after x days.

Since Joomla 3.9 there's a Privacy Tool Suite in the Joomla core:
https://www.joomla.org/3/

Some more info about that: https://magazine.joomla.org/all-issues/ ... tool-suite

[SocketPup]

As you are probably aware, sites available to EU-people requires GDPR-compliance.
Are there any Joomla extensions for this? If so, which one(s) are the best/easiest to use?

The GDPR privacy law is meant to protect the privacy of EU citizens.
So try to minimize the gathering, handling and storage of personal data.
Make sure that the company of the website has a processing index in which they document:

• what personal data they process
• the effected persons
• how long they store the data
• with whom they share the data (the recipients)
• how they protect that data

Some 3rd party extensions have options to limit the storage of personal data.
E.g. RSForm Pro has an option to remove the submitted form data after x days.

Since Joomla 3.9 there's a Privacy Tool Suite in the Joomla core:
https://www.joomla.org/3/

Some more info about that: https://magazine.joomla.org/all-issues/ ... tool-suite

What I'm looking for is a solution that displays a "accept cookies" modal to new visitors. Not sure what personal data Joomla stores by default, but what I am using in my project is Google Maps, displaying the adress of the business. I also plan to use a contact form. Do I need to block Google Maps if user declines the "accept cookies"?

[pe7er]

What I'm looking for is a solution that displays a "accept cookies" modal to new visitors. Not sure what personal data Joomla stores by default, but what I am using in my project is Google Maps, displaying the adress of the business. I also plan to use a contact form. Do I need to block Google Maps if user declines the "accept cookies"?

The Joomla front-end uses session cookies that are removed automatically after the session.
Those are functional cookies, necessary for the working of the website.
You do not have to ask for consent for those.

For sharing personal data (IP address is considered personal data) or storing 3rd party cookies you need to get consent.
So if you want to comply with the GDPR, you should not share your users IP address with 3rd parties without their consent.

[AMurray]

There are plenty of those on the JED. They won't necessarily use a modal box, but usually a banner alert (at foot or top of the screen) asking to accept cookies, and/or with a button to change the options of which cookies they want to accept or not - some are required such as "remember me" check box for the login form.

https://extensions.joomla.org/instant-s ... 5D=cookies

Ironically, a cookie would need to be used to save the user's settings for the cookies.....

[SocketPup]

For sharing personal data (IP address is considered personal data) or storing 3rd party cookies you need to get consent.
So if you want to comply with the GDPR, you should not share your users IP address with 3rd parties without their consent.

Would using Google Maps on my site = sharing users IP addresses with 3rd party?

[pe7er]

Would using Google Maps on my site = sharing users IP addresses with 3rd party?

Yes, the visitor's browser will automatically contact Google to retrieve the map.
With that action the visitor shares their IP address with Google.

[SocketPup]

There are plenty of those on the JED. They won't necessarily use a modal box, but usually a banner alert (at foot or top of the screen) asking to accept cookies, and/or with a button to change the options of which cookies they want to accept or not - some are required such as "remember me" check box for the login form.

https://extensions.joomla.org/instant-s ... 5D=cookies

Ironically, a cookie would need to be used to save the user's settings for the cookies.....

Sounds great. Modal or banner alert doesn't matter.
Do you know of any good extension for this purpose?

[Per Yngve Berg]

Be aware of where you load the fonts from. Have a copy of the fonts on your site and load them locally instead from 3. Party sites.

[SocketPup]

Be aware of where you load the fonts from. Have a copy of the fonts on your site and load them locally instead from 3. Party sites.

Good advice. As it is now, I import directly from Google Fonts. If I am to import them locally, should I store the fonts in the same folder as my css-file?