GDPR & CCPA
bikegremlin
ModeratorOGContent Writer
in WordPress
Yes, @Ympker I'm thinking of you.
It seems to be getting less and less avoidable. What's the best way to implement it - preferably for free.
I found this - "CeokieYes" plugin.
Seems to be working OK, without slowing the sites down.
But I'm interested to hear any better ideas and recommendations.
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
Thanked by (1)Ympker
Comments
For Cookies I can recommend https://www.cookiebot.com/en/ (has WordPress plugin) and https://consentmanager.net (has WordPress plugin, too). Both automatically scan all your cookies and sort them automatically in categories (necessary, commercial, analytics)..
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
I saw the CookieBot (didn't find the Consentmanager). They both seem to charge for over X pageviews (or over Y website pages).
Looking for some free solutions for non-commercial websites.
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
Usually I never had problems with these limits. Cookiebot does not count views/visits afaik. Only pages/sites. Consentmanager has 5000 visits/mo, but I usually recommend my clients to get legal texts from IT-Recht Kanzlei which partners with consentmanager. You get free upgrade to 40.000 visits/mo that way
About Consentmanager plugin: https://wordpress.org/plugins/consent-manager/
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
Neither of those limits is enough for my use case (100 pages, or 5000 page-views per month, or even 40.000 p-w for that matter).
CookieYes scanned the website for any cookies, let me sort them by the categories, and let the visitors choose which ones they will accept - with an option to later edit their choice (my current privacy policy page as an example).
Unless I got it wrong, if I don't add any more services/cookies, that list should do the job - even without using the plugin's server for anything (it's set and configured on the website, the service must be contacted only in case of any cookie adding/removal, if I want it sorted out "automatically").
Most of the solutions I came across require at least 50 euros per year per one website - most cost a lot more. It's a ripoff (on top of the fact I consider GDPR to be nonsense). But I can't change the policies (much like the, in my country still obligatory, driving with headlights on in bright daylight). Just trying to accommodate the bureaucrats with the lowest possible expenses from my end.
EDIT:
This looks interesting - at first glance at least, because one license covers "unlimited subdomains."
https://www.cookiepro.com/pricing/plan-comparison/
Their WP integration:
https://www.cookiepro.com/integrations/wordpress/
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
Thanks for mentioning these alternatives. I will make sure to check them out, however I will likely stick with the two I have mentioned. Just to chime in on CookieYes. On their page they also mention a limit of 100 pages and 5000 cookie-consent protocols (so probably 5000 ppl/visitors clicking "accept/decline" this/that). This seems a bit similar to Cookiebot but perhaps a bit "better" in the sense that only ppl are counted that click (get saved) via the Cookie consent banner?
https://www.cookieyes.com/de/#plans
Another option would be to get a paid Codecanyon plugin as they come with lifetime upadtes (6 months support) and this one (which is the bestseller) is one license per domain. So with 39$ you are set for one domain: https://codecanyon.net/item/ultimate-gdpr-compliance-toolkit-for-wordpress/21704224
Still, always a bit hesitant with Codecanyon products..
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
The CookieYes has some limits inadequate for my use. But it is my understanding they apply only when the website uses their infrastructure. If I "disconnect it," the plugin still works, letting the visitors accept, decline and edit their cookie choice.
I just lose the option of automatically editing the cookie list if I change stuff on a website.
Could be wrong. With those limits, I'll probably know the answer very soon.
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
Ah, fair enough. Better check with their support/sales perhaps?
Oh, and I totally forgot about Complianz ( https://wordpress.org/plugins/complianz-gdpr/ ). Their free plan (not listed on website afaik; see difference in free and premium features on wordpress description) is also very powerful!
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
LOL - just looking at Complianz now (and testing it on staging).
Looks promising, plus it offers an "export/import" option which should save me some time.
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
Found this - needs further looking into:
https://www.termsfeed.com/cookie-consent/
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
I created my own plugin and limited the clients choice to accept or reject. Everything else too much of a hassle since my website doesn't really require cookies except for remembering the login but this feature is simply not available if cookies are denied.
Not sure if it's of interest, anyway I know that local web agencies choose
I'd say that virtually every web agency here is using one of these two
First time I see complianz.io, I'll ask for feedback :-)
Insane, just use technical cookies and you be good.
Don't include external code and assets.
That fucking industry that came over night, shit.
I wish I had the same idea.
Free NAT KVM | Free NAT LXC | Bobr
Complianz scans the existing website cookies for free (for now).
CookieYes scans "up to 100 pages" (or something like that) for cookies for free, per one website.
Apart from that, external service is not needed - if you know exactly which cookies the website uses.
Of all the tested plugins, CookieYes allows a nice interface for visitors to configure which cookies they want to allow.
It also offers a shortcode, so you can add the cookie management option to a WordPress pabe (Privacy / Cookie policy pages look like a good fit for that) - so that visitors can later re-configure their cookie choice, if they like doing that using the website.
The prices charged are nonsense, a ripoff.
The whole GDPR is a nonsense and a needless hassle IMO, but I don't see it as being reverted any time soon (we still need to drive with the headlights on even in broad daylight ).
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
So I've asked around and, long story short:
Linking here - related to the CookieYes plugin... it's beautiful, isn't it?
(a vulnerability not being addressed)
https://www.pluginvulnerabilities.com/2021/09/24/five-of-the-100-most-popular-wordpress-plugins-are-insecurely-using-the-extract-function/
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
I just ate 5 cookies, will I have to report myself now? I did it without consent.
“Technology is best when it brings people together.” – Matt Mullenweg
Since you'll have to provide yourself with the option to change your mind at a later time, I'd use this and accept in retrospect or make use of the necessary function to remove already existing cookies.
Oh, I promise you, all cookies have been removed
“Technology is best when it brings people together.” – Matt Mullenweg
enters in incognito mode please give your consent again Also, enjoy your free refill of cookies.
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
Seems to have been fixed (according to them):
https://wordpress.org/plugins/cookie-law-info/#developers
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
As expected...
German Court Rules Websites Embedding Google Fonts Violates GDPR
(thehackernews .com link)
Relja of House Novović, the First of His Name, King of the Plains, the Breaker of Chains, WirMach Wolves pack member
BikeGremlin's web-hosting reviews
Yeah, heard about it. Rip
As a web designer, this is really annoying tbh.
Using WordPress, I actually have two plugins to get Google Fonts removed.
For one OMGF ( https://de.wordpress.org/plugins/host-webfonts-local/ ), which scans my site for fonts used, downloads them locally and replaces registered Google Fonts that would be otherwhise loading from online.
Secondly, https://wordpress.org/plugins/remove-google-fonts-references/ . This one is no longer available but it removed all google fonts references from the site, since with OMGF (free version), my site would still make connections to google servers. If anyone is interested in the second plugin, I still have it on my server and could share it with you (if needed).
It's on Koofr for a week now (Virustotal Scan attached): https://k00.fr/h76hjgj3 | password: 245515
After that, pm me to get the plugin (if needed). @vyas suggested that Auto-Optimize also does the trick.
Since Autooptimize is being frequently updated, it might be better to use that one.
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
Like I’ve always said, wanna live with GDPR? Don”t use the Interwebs.
“Technology is best when it brings people together.” – Matt Mullenweg
Autopmtimize plug-in also does that
Remove google fonts that is
For no plug-in option
https://wordpress.ezoic.com/how-to-remove-google-fonts-from-your-wordpress-site/
———-
blog | exploring visually |
Thanks for the headsup! Will have a look Would be a more up-to-date and reliable solution.
Does Autooptimize also download your Google Fonts to local and then exchanges remote Google Fonts references to local, or does it just remove connections/references to Google fonts (so I would still need OMGF to download the fonts to local and exchange references?).
I would probably prefer a plugin option, because meddling with functions.php is annoying as it gets overwritten when the theme updates (afaik). I am not a fan of child themes either (which would probably prevent just that), but I'll give Auto-Optimize try. Thanks!
Another option would be to take the code you'd put in functions.php and then, instead, launch it as a mini-plugin through Code Snippets Pro to have it always active.
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
Not to my knowledge. You may be better off uploading the google fonts locally if you do need them. I could have presented a case for a child theme and then tinkering with functions.php but I am sure there is a Law of Diminishing Marginal Utility into play.
———-
blog | exploring visually |
Oops seems like edit was too late since I also commented on functions.php :P
Anyway, yeah OMGF basically does just that for me. Download the fonts my website is using locally. Very happy with it so far. Manual upload would ofc also work.
Ympker's VPN LTD Comparison, Uptime.is, Ympker's GitHub.
There's many mirrors being gdpr compliant, why use Google then? It's been just selecting a different option in drop-down for me and I exchanged the Google link.