Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Europe Cookie Laws


andy_1984

Recommended Posts

And the £500000 fine is the end of this tale.

 

ROTFLMAO. Just wait until Amazon et al. big boys push through similar legislation in the US to get rid of all their pesky little competitors. Let's see... Microsoft hides some function in IE10 to hide cookie usage from the Feds for selected friends... all competing browsers are outlawed (as insecure)... the little guys' sites can't function very well without cookies and no one shops any more except at the big boys... are we sufficiently paranoid yet?

Link to comment
Share on other sites

AWESOME. May I use this elsewhere please!

 

I don't mind.

:)

 

Although I think "mediocre" is a more apt description.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Nah, you're a born poet, @@germ! Now, work it into this limerick...

"There once was a man from Nantucket"...

 

You could make small bucks writing limericks for Carl Kassell to recite on "Wait, Wait... Don't Tell Me!"

Link to comment
Share on other sites

Nah, you're a born poet, @@germ! Now, work it into this limerick...

"There once was a man from Nantucket"...

 

You could make small bucks writing limericks for Carl Kassell to recite on "Wait, Wait... Don't Tell Me!"

 

Just remember.... You asked for it....

:lol:

 

There once was a man from Nantucket,

With a website in Europe raking in ducats.

Then the "cookie law" came to pass,

With no site compliance they fined his a$$,

Now he lives on the street selling buckets.

 

And that, my friends, is the end of my short-lived limerick writing career.

 

I promise!!!

o:)

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

A woman from Sweden, living a dream in Eden

Just ripped a site on the laws of cookies

to serv osC professionals and cookie rockies

 

<div id="bd">

<div id="HTMLBlock1995" class="HTMLBlock">
<h1>Geeknet Opt-Out Choices</h1>
<p>Users of the SourceForge, Slashdot and Freecode websites have choices regarding the collection and use of information through our websites.  This page summarizes some of those choices regarding our use of cookies, some advertising and other tools we use on our websites, and choices that you have about receiving newsletters and other communications from Geeknet.  This page is designed to highlight some of the choices you have; for a more detailed discussion, please see <a href="/privacy-statement">Geeknet’s Privacy Statement</a>.</p>
<h2>Cookies</h2>
<p>"Browser" cookies are small text files placed on a computer for various purposes including marketing, data analysis, and to enable our web sites to tailor the user’s experience on our sites.  You may set your browser to reject cookies or to notify you when a web site tries to place cookies in your browser program.  For your convenience, additional information about how to manage cookies for major browsers please follow the following links: </p>
<ul>
<li>Safari: <a href="http://docs.info.apple.com/article.html?path=Safari/3.0/en/11471.html">http://docs.info.apple.com/article.html?path=Safari/3.0/en/11471.html</a></li>
<li>Firefox: <a href="http://support.mozilla.org/en-US/kb/Deleting%20cookies">http://support.mozilla.org/en-US/kb/Deleting%20cookies</a></li>
<li>Internet Explorer: <a href="http://support.microsoft.com/kb/278835">http://support.microsoft.com/kb/278835</a></li>
<li>Chrome: <a href="https://support.google.com/chrome/bin/answer.py?answer=95647">https://support.google.com/chrome/bin/answer.py?answer=95647</a></li>
</ul>
<p>Our websites also may use local shared objects, also known as "Flash cookies" to store your preferences or display content based upon what you view on our website to personalize your visit.  To learn how to manage privacy and storage settings for Flash cookies, including how to delete Flash cookies, please click here:
<a href="http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html#117118">http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager.html#117118</a>.</p>

<h2>Additional opt-out choices for analytics and marketing networks</h2>
<p>Several of the advertising networks and service providers that we use to analyze activities on our sites also offer opt-out mechanisms as an alternative to managing the placement of cookies by these services through your browser settings as discussed above:  </p>
<p>Google Analytics.  If you would like to opt-out of Google Analytics, Google has developed a tool that works with major internet browsers to permit you to opt-out.  For more information and install their opt-out tool, please click here: <a href="https://tools.google.com/dlpage/gaoptout">https://tools.google.com/dlpage/gaoptout</a></p>
<p>Google Advertising.  To opt-out of or manage your targeted third-party advertising preferences with Google, please click here: <a href="http://www.google.com/policies/privacy/ads/">http://www.google.com/policies/privacy/ads/</a></p>
<p>ComScore.  To opt-out of comScore’s universal data collection, please click here: <a href="http://www.scorecardresearch.com/preferences.aspx">http://www.scorecardresearch.com/preferences.aspx</a> </p>
<p>National Advertising Initiative.  To opt-out of targeted third party advertising by Network Advertising Initiative members, please click here: <a href="http://www.networkadvertising.org/managing/opt_out.asp">http://www.networkadvertising.org/managing/opt_out.asp</a></p>
<p>In addition, some of our third party advertising partners display an “ad choices” icon with the advertisement on our site.  If you see this icon with an advertisement, you can click on it to find out more information about the ad and your ad choices.</p>

<h2>Additional opt-out choices for social media</h2>
<p>Integration of social media links to our sites may enable tracking  by these providers, who provide their own opt-out and data control mechanisms:</p>
<ul>
<li>Facebook, whose cookie control instructions are at  <a href="https://www.facebook.com/help/?page=176591669064814">https://www.facebook.com/help/?page=176591669064814</a></li>
<li>Twitter, whose Privacy Policy links to various account control options at <a href="http://twitter.com/privacy">http://twitter.com/privacy</a></li>
<li>Google Plus, which provides display control at <a href="http://www.google.com/profiles">http://www.google.com/profiles</a></li>
</ul>
<h2>Geeknet Newsletters and Direct Marketing Communications</h2>
If you would like to opt-out/unsubscribe from receiving newsletters or marketing communications  or deactivate your accounts, please use the links below and provide a copy of the communication or account name you wish to unsubscribe.  Please understand that it may take up to a week for your request to be processed.</p>
<p>For Sourceforge, please contact us at <a href="mailto:sfnet_ops@[member='geek'].net">sfnet_ops@[member='geek'].net</a></p>
<p>For Slashdot, please contact us at <a href="mailto:feedback@[member='Slashdot'].org">feedback@[member='Slashdot'].org</a></p>
<p>For FreeCode, please contact us at <a href="mailto:[email protected]">[email protected]</a></p>

</div>
</div>

 

Let's Rock an' Roll!

Edited by Juto
Link to comment
Share on other sites

  • 3 weeks later...

NB - I am not a lawyer!!

 

This is a minefield. The ICO have given everyone a get out clause allowing implied consent, but then imply that they would ideally want implicit consent if you are storing any personal data. They give an example of this data as being health records, or presumably the like - I would say storage of an email address is enough to put you into the danger zone.

 

Now examples aside, it would seem to me that you need to consider if the storage of personal data on your site requires that the customer needs to accept your terms and conditions of use ... I would say yes it does even though the ICO give this advice:

 

"The Regulations specify that service providers should not have to provide the information and obtain consent where that device is to be used:

  • for the sole purpose of carrying out or facilitating the transmission of a communication over an electronic communications network; or
  • where such storage or access is strictly necessary to provide an information society service requested by the subscriber or user."

Reason being that the data is not always strictly necessary to complete the users request on the site they are viewing. For example, if they sign up to buy something, then their address is necessary for shipping, but their telephone number may not be even though you have actually taken that for completeness.

 

To avoid any messy popups that make the user simply deny your cookie because they are not aware of what they are being asked to do:

implied consent means that you could have a tag or button in a prominent place on EVERY page allowing the user to view your privacy and cookie notices should they want to like several people have suggested - this would not necessarily detract from the look or feel of the site in any way. However, as soon as they sign up to your site they are providing personal information directly to your database, so you need implicit consent for the setting of cookies - which is ridiculous as in actual fact they are giving you the data with the knowledge that it will be stored and they have already given you implied consent to set cookies - anyway, then you will likely need them to tick a box that they agree to the privacy policies of the site, which again isn't unusual so won't detract from the users experience in any way.

 

Just a note about the requirement of websites to adhere to this law. Again, my opinion only. This law applies to people or businesses running/owning sites that serve the EU - so amazon does or doesn't need to adhere to it ?? The law is to protect the EU citizens, and they are applying it to all businesses that they have direct legal recourse over, but international businesses have been successfully prosecuted under EU law when they are serving EU customers. So, even though amazon are literally operating from tax havens technically outside the EU, they are serving content that involve EU businesses and the affected public. Likewise for any international seller such as Apple, Microsoft, etc. So if your business is located in the USA for example, but you are serving EU clients, then this could mean you too. Additionally, it could be perceived that secondary servers based in the EU are technically affected when they are serving content to the EU as regulations would apply through the 3rd party.

 

The bottom line is control. In my opinion, this law is ridiculous. It puts the owness on legitimate businesses to clean up the act of non-ligitimate businesses. Notwithstanding illegal entry/access, the protection of ones own personal property is literally one's own responsibility. If you trawl the internet via your computer and get viruses etc as a result, then you were responsible for protecting yourself in the first place. If you sign up for services without first reading the terms and conditions of the seller or information provider, then you are at fault. Your use of a search engine is reliant on you reading its terms and conditions of use. If you enter someone's premises, including their website, then you are agreeing that they can serve you within those premises and if that means they can use surveillance cameras to do that within their property, then so be it - a cookie is only a surveillance camera really, tracking your visit (again, notwithstanding those that are for other illegal uses). The point is that the illegal businesses will apply this in time and accurately if it means they will lose money - or they don't need to because they access the users computer in a different way. Just another example of our ineffective intrusive governments. Rant over

Link to comment
Share on other sites

Reading your post, I think you may be confusing cookies with personal data.

 

The cookies regulation relates to cookies you place on the visitors computer, be they site cookies, analytics cookies, advertising cookies etc.

 

The personal data a user adds to your database, such as phone, email, name, address etc is not covered by the cookie law - this has plenty of other laws surrounding it under the blanket of Data Protection.

 

Thanks

Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members.

Link to comment
Share on other sites

  • 3 months later...

Basically, if you need a cookie for the normal running of a store, then they will be ok. This does include the oscid as it is required for correct running of the store. What is not esential are any other cookies that may be used that are not required for running of the store, such as google cookies, and those used by things like facebook like buttons.

 

The ICO are not sure of how this law will be upheld and policed, which makes it a stupid law in may peoples eyes. At the moment as long as you are seen to be doing something relating to this law, you should be ok. There are sites which can be found by searching for eu cookie law that have other ways of dealing with this. You should really add details of all the cookies used by your store into your privacy policy. There are sites that wil check for cookies and let you know what they are. You also have to link to your privacy policy page using a clear easily to find link. You can also add text to the header or footer of your site explaining that your site uses cookies and link to your privacy policy.

 

The easiest way is to see what others are doing on their sites and try to come up with something similar, without copying.

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

Hi Steve

 

I have prepared a cookie statement for the footer of the index page (only if preferable). Could you show me where I should place it in the code? I don't want to mess up the existing code.

 

Thanks

 

TJ

Link to comment
Share on other sites

No real code to mess up in the footer file. Put the code where you like as long as it is not in a div that is used for something else.

 

I would put it after

<div class="grid_24" style="text-align: center; padding-bottom: 20px;">

<?php echo tep_display_banner('static', $banner); ?>

</div>

 

If you put your code in a div, you could add your own styling to it to make it stand out from the footer using css.

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

  • 1 month later...

Try this which is what i use on all my sites.

 

http://www.civicuk.com/cookie-law/index

 

you can have it so that it just informs them that your site uses non intrusive cookies and that the cookies you use are for site functionality only.

 

It is on every page also.

 

According to the rules if your site requires cookies for the basic functionality of the site then the simple inform rule can apply. OSC uses a cookie that is required for site functionality. If you use google analytics then you must have an opt in function which this also covers..

 

Anyways, best way is to have a look.

 

Works perfectly.

Link to comment
Share on other sites

  • 1 year later...

I found a nice implementation of cookie laws on the belgian federal commerce government site that deals with commercial regulation, so I'm guessing what they have done is best practice ...

 

http://economie.fgov.be/nl/global/disclaimer/cookiesprivacy/#.U776sUAUee4

 

if it shows in dutch, top left you have language switches

 

I was thinking these different sections would be nice content modules in the oscommerce world ...

KEEP CALM AND CARRY ON

I do not use the responsive bootstrap version since i coded my responsive version earlier, but i have bought every 28d of code package to support burts effort and keep this forum alive (albeit more like on life support).

So if you are still here ? What are you waiting for ?!

 

Find the most frequent unique errors to fix:

grep "PHP" php_error_log.txt | sed "s/^.* PHP/PHP/g" |grep "line" |sort | uniq -c | sort -r > counterrors.txt

Link to comment
Share on other sites

  • 2 weeks later...
  • 2 years later...

i did google and "booooooooooom" very fast (on first page) i get an answer. Here: http://addons.oscommerce.com/info/9013

  • The clever one learn from everything and from everybody
  • The normal one learn from his experience
  • The silly one knows everything better

[socrates, 412 before Christ]

Computers help us with the problems we wouldn't have without them!
99.9% of the bugs sit in front of the computer!
My programmed add-ons: WDW EasyTabs 1.0.3, WDW Facebook Like 1.0.0

if(isset($this) || !isset($this)){ // that's the question...

 

Link to comment
Share on other sites

@@joe122joe

 

Just make sure that you also alter your privacy policy and cookie policy to comply with the legal requirements also. They can also be found by searching using something like google - other search engines are available.

 

There are also regulations regarding what you can and cant do on your website and what text has to be on certain buttons on the checkout pages. The more you dig into EU regulations the more you will find that you need to do.

 

The EU also regulates your return policy so that ought to be compliant also.

Edited by 14steve14

REMEMBER BACKUP, BACKUP AND BACKUP

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...