Developer forum

Forum » CMS - Standard features » Cookie Manager - 3rd party service or implement it "by hand"

Cookie Manager - 3rd party service or implement it "by hand"

Hans Ravnsfjall
Hans Ravnsfjall
Reply

Hi

hopefully it´s ok that I post this question here. If not, I apollegize in advance 🙏

Here goes:

Here in the Faroe Islands, a GDPR like legislation is coming in January 2021. In this regard, we are focusing mutch more on Cookie Management. How have you all tackled the hassle of this? I mean, it´s difficult - because users embed youtube videos and other things into their websites, and it´s difficult to keep track of what cookies come with all the different 3rd party objects, and the last thing we want, is to accidently have something like youtube etc. to set Cookies without the consent of the user. Eg. if the user hasn´t actively accepted youtube cookies, we don´t want to show the video.

I see a lot of websites use services such as cookiebot etc. Is that the best solution, or do you have any recommendations? I don´t presume it´s a good idea to try and implement everything "manually"?

/Hans


Replies

 
Nicolai Pedersen
Reply
This post has been marked as an answer

Our builtin cookiemanager requires manual work when you have situations like this with new embedded things that you do not know about at the time of implementation.

Cookiebot and Cookieinformation both scans the website from time to time to see what cookies are set by what external systems and external scripts and iframes. And both their technology will ensure that these javascripts and iframe content will not be loaded on the page before the user accepts cookies.

Youtube does support a version that does not use cookies (privacy-enhanced mode). It uses the URL like https://www.youtube-nocookie.com/xyz to embed the videos: read more here: https://support.google.com/youtube/answer/171780?hl=en

BR Nicolai

Votes for this answer: 1
 
Hans Ravnsfjall
Hans Ravnsfjall
Reply

Ok, but I guess  the way forward is to use a service such as cookiebot? It will be quite difficult maintaining this manually, and updating cookie descriptions in different languages

 

/Hans

 
Pernille Mortensen
Reply

I am implementing a third party cookie manager (cookieinformation) for a customer. Cookieinformation does some of the work for you, but you still have to block the sources (eg. youtube, vimeo and google analytics) yourself using cookieinformations javascript snippets.

For most cookie sources like youtube or google analytics it is easy to locate the script or iframe in the template code and block it, but is there any way to block dynamicweb cookies and make an external cookie manager work with dynamicweb cookies?

The two cookies are I would like to block are "Dynamicweb" and "Dynamicweb.SessionVisitor". What do these two do, can they be blocked and will the website work if blocked?

 
Nicolai Pedersen
Reply

Hi Pernille.

First - it is not required to block those services - they all come in versions that does not track.

Cookieinformation handles the cookie acceptance of the user under the cookie legislation. That is not to be confused with GDPR which is another legislation related to storing personal information. That is 2 different things to consider (Cookies and personal information) - if you disable cookies for GA and also configure GA to not track IP (see https://support.google.com/analytics/answer/2763052?hl=en), you do not need a consent or a cookie acceptance. Because the site will not set tracking cookies and the tracking will not record 'personal' information as defined in GDPR.

You loose the option to do retargeting and see how many returning visitors you have, but you can track everyone which is much better than those few who will accept cookies. Also you can combine this with GA consent mode: https://blog.google/products/marketingplatform/360/measure-conversions-while-respecting-user-consent-choices/ which is also supported by i.e. CookieBot: https://www.cookiebot.com/en/google-consent-mode/ and Cookieinformation: https://cookieinformation.com/resources/blog/what-is-google-consent-mode

I would recommend that you take the above into consideration to achieve a working website and most of the tracking even if users do not accept cookies and GDPR.

The Dynamicweb cookies are described here:

https://doc.dynamicweb.com/documentation-9/platform/platform-tools/cookie-manager#sideNavTitle1-2

If you enable cookiemanager in Dynamicweb settings, and add cookies to the "Tracking" category, these cookies will not be set until the user has accepted Dynamicweb tracking cookies. If you disable the Dynamicweb cookie banner (but keep the cookie manager active), the Dynamicweb tracking cookies will never be accepted by the user and therefore never set.

You can then accept the Dynamicweb tracking cookies from the external script by calling /Admin/Public/CookieOptInLevelConfig.aspx?OptInLevel=2 if the user accepts cookies in the cookie banner from CookieInformation. That will enable all cookies.

I am aware this is not a simple and straight forward setup.

BR Nicolai

 
Pernille Mortensen
Reply

Thank you for the explanation and clarification. I will consider the options with third party cookies.

The solution with the dw cookiemanager will do just fine for the website I am working on. Thank you.

 

You must be logged in to post in the forum