GDPR compliance?
Moderators: pe7er, General Support Moderators
Forum rules
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
Forum Rules
Absolute Beginner's Guide to Joomla! <-- please read before posting, this means YOU.
Forum Post Assistant - If you are serious about wanting help, you will use this tool to help you post.
Windows Defender SmartScreen Issues <-- please read this if using Windows 10.
-
- Joomla! Enthusiast
- Posts: 108
- Joined: Thu Mar 14, 2024 7:00 am
GDPR compliance?
As you are probably aware, sites available to EU-people requires GDPR-compliance.
Are there any Joomla extensions for this? If so, which one(s) are the best/easiest to use?
Thanks.
Are there any Joomla extensions for this? If so, which one(s) are the best/easiest to use?
Thanks.
- pe7er
- Joomla! Master
- Posts: 25002
- Joined: Thu Aug 18, 2005 8:55 pm
- Location: Nijmegen, Netherlands
- Contact:
Re: GDPR compliance?
The GDPR privacy law is meant to protect the privacy of EU citizens.
So try to minimize the gathering, handling and storage of personal data.
Make sure that the company of the website has a processing index in which they document:
- what personal data they process
- the effected persons
- how long they store the data
- with whom they share the data (the recipients)
- how they protect that data
E.g. RSForm Pro has an option to remove the submitted form data after x days.
Since Joomla 3.9 there's a Privacy Tool Suite in the Joomla core:
https://www.joomla.org/3/
Some more info about that: https://magazine.joomla.org/all-issues/ ... tool-suite
Kind Regards,
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
-
- Joomla! Enthusiast
- Posts: 108
- Joined: Thu Mar 14, 2024 7:00 am
Re: GDPR compliance?
What I'm looking for is a solution that displays a "accept cookies" modal to new visitors. Not sure what personal data Joomla stores by default, but what I am using in my project is Google Maps, displaying the adress of the business. I also plan to use a contact form. Do I need to block Google Maps if user declines the "accept cookies"?pe7er wrote: ↑Wed Apr 24, 2024 6:29 amThe GDPR privacy law is meant to protect the privacy of EU citizens.
So try to minimize the gathering, handling and storage of personal data.
Make sure that the company of the website has a processing index in which they document:Some 3rd party extensions have options to limit the storage of personal data.
- what personal data they process
- the effected persons
- how long they store the data
- with whom they share the data (the recipients)
- how they protect that data
E.g. RSForm Pro has an option to remove the submitted form data after x days.
Since Joomla 3.9 there's a Privacy Tool Suite in the Joomla core:
https://www.joomla.org/3/
Some more info about that: https://magazine.joomla.org/all-issues/ ... tool-suite
- pe7er
- Joomla! Master
- Posts: 25002
- Joined: Thu Aug 18, 2005 8:55 pm
- Location: Nijmegen, Netherlands
- Contact:
Re: GDPR compliance?
The Joomla front-end uses session cookies that are removed automatically after the session.SocketPup wrote: ↑Wed Apr 24, 2024 7:03 amWhat I'm looking for is a solution that displays a "accept cookies" modal to new visitors. Not sure what personal data Joomla stores by default, but what I am using in my project is Google Maps, displaying the adress of the business. I also plan to use a contact form. Do I need to block Google Maps if user declines the "accept cookies"?
Those are functional cookies, necessary for the working of the website.
You do not have to ask for consent for those.
For sharing personal data (IP address is considered personal data) or storing 3rd party cookies you need to get consent.
So if you want to comply with the GDPR, you should not share your users IP address with 3rd parties without their consent.
Kind Regards,
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
- AMurray
- Joomla! Exemplar
- Posts: 9779
- Joined: Sat Feb 13, 2010 7:35 am
- Location: Australia
Re: GDPR compliance?
There are plenty of those on the JED. They won't necessarily use a modal box, but usually a banner alert (at foot or top of the screen) asking to accept cookies, and/or with a button to change the options of which cookies they want to accept or not - some are required such as "remember me" check box for the login form.
https://extensions.joomla.org/instant-s ... 5D=cookies
Ironically, a cookie would need to be used to save the user's settings for the cookies.....
https://extensions.joomla.org/instant-s ... 5D=cookies
Ironically, a cookie would need to be used to save the user's settings for the cookies.....
Regards - A Murray
General Support Moderator
General Support Moderator
-
- Joomla! Enthusiast
- Posts: 108
- Joined: Thu Mar 14, 2024 7:00 am
Re: GDPR compliance?
Would using Google Maps on my site = sharing users IP addresses with 3rd party?
- pe7er
- Joomla! Master
- Posts: 25002
- Joined: Thu Aug 18, 2005 8:55 pm
- Location: Nijmegen, Netherlands
- Contact:
Re: GDPR compliance?
Yes, the visitor's browser will automatically contact Google to retrieve the map.
With that action the visitor shares their IP address with Google.
Kind Regards,
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
Peter Martin, Global Moderator
Company website: https://db8.nl/en/ - Joomla specialist, Nijmegen, Netherlands
The best website: https://the-best-website.com
-
- Joomla! Enthusiast
- Posts: 108
- Joined: Thu Mar 14, 2024 7:00 am
Re: GDPR compliance?
Sounds great. Modal or banner alert doesn't matter.AMurray wrote: ↑Wed Apr 24, 2024 7:13 amThere are plenty of those on the JED. They won't necessarily use a modal box, but usually a banner alert (at foot or top of the screen) asking to accept cookies, and/or with a button to change the options of which cookies they want to accept or not - some are required such as "remember me" check box for the login form.
https://extensions.joomla.org/instant-s ... 5D=cookies
Ironically, a cookie would need to be used to save the user's settings for the cookies.....
Do you know of any good extension for this purpose?
- Per Yngve Berg
- Joomla! Master
- Posts: 30977
- Joined: Mon Oct 27, 2008 9:27 pm
- Location: Romerike, Norway
Re: GDPR compliance?
Be aware of where you load the fonts from. Have a copy of the fonts on your site and load them locally instead from 3. Party sites.
-
- Joomla! Enthusiast
- Posts: 108
- Joined: Thu Mar 14, 2024 7:00 am
Re: GDPR compliance?
Good advice. As it is now, I import directly from Google Fonts. If I am to import them locally, should I store the fonts in the same folder as my css-file?Per Yngve Berg wrote: ↑Wed Apr 24, 2024 5:09 pmBe aware of where you load the fonts from. Have a copy of the fonts on your site and load them locally instead from 3. Party sites.