The latest articles on DEV Community by yolaris (@yolaris). https://dev.to/yolaris https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F227154%2F6519e387-4c22-4785-b4d3-fd7b32850a91.jpg https://dev.to/yolaris en yolaris Tue, 10 Sep 2019 16:21:27 +0000 https://dev.to/yolaris/how-to-quickly-check-cookies-for-compliance-with-gdpr-4jia https://dev.to/yolaris/how-to-quickly-check-cookies-for-compliance-with-gdpr-4jia <p>After setting up my small blog I already had a base solution to make cookies GDPR compliant, but it was a quite expensive for me.<br> I was not that happy, so I decided to explore GDPR requirements.</p> <p>In general, if your website is visited by EU consumers, you must comply with the GDPR even when you don't collect any personal data.<br> Since site visitors can be tracked by third parties through cookies, you should always keep an eye on the cookies that are set when your site loads.</p> <h2> GDPR compliant cookies 🥮 </h2> <p>You comply with the GDPR if you set cookies after obtaining prior consent. The consent banner should block cookies until the user clicks the allow button.</p> <p>You also comply with the GDPR if you do not set any cookies at all or set strictly necessary cookies without prior consent obtaining.<br> The European Commission <a href="https://ec.europa.eu/ipg/basics/legal/cookies/index_en.htm">gives</a> examples of such strictly necessary cookies:</p> <ul> <li>user input cookies, for the duration of a session</li> <li>authentication cookies, for the duration of a session</li> <li>user centric security cookies, used to detect authentication abuses and linked to the functionality explicitly requested by the user, for a limited persistent duration</li> <li>multimedia content player session cookies, for the duration of a session</li> <li>load balancing session cookies, for the duration of session</li> <li>user interface customisation cookies, for a browser session or a few hours</li> </ul> <h2> What about Google Analytics </h2> <p>Any statistical, advertising or similar cookies aren't strictly necessary and cannot be set without prior consent obtaining.<br> If you use Google Analytics, Google Adsense or DoubleClick you should to get user's consent. By the way, Google <a href="https://www.google.com/about/company/user-consent-policy/">warns</a> about this.</p> <h2> How to quickly check your cookies </h2> <p>To check website cookies for GDPR compliance you can use <a href="https://2gdpr.com">2GDPR</a><br> It takes about a minute to scan.<br> If violations are found, it will take longer to analyze the results.</p> webdev beginners tutorial gdpr