According to GDPR, if you have any traffic from EU citizens on your site, you need to ask for consent before you, or third-party scripts, process any of their personal data.
One recurring GDPR feature request we’ve seen over the past few years has been to allow granularity in the cookie compliance consent, so that the user could accept or decline various cookie categories. This feature has now been added to the recently released versions 8.x-1.6 and 7.x-1.29. You can find the new consent method on the module settings page. To enable this feature, select “Opt-in with categories” as the consent method.
In this blog post, you can learn how to configure the EU Cookie Compliance banner to use GDPR categories, as well as how to use the categories in your code to track the user only when they give consent.
Choosing this consent method reveals an expanded set of fields named “Cookie Categories” that you can find beneath the “Consent method” options. Here you can set up your cookie categories and configure how the banner behaves. Let’s first look at the categories:
Categories are entered using the following pattern: key|label|description
. The description is optional. The above setup will result in the following EU Cookie Compliance consent banner:
This will result in a fairly large GDPR consent banner. Note that the banner appearance in EU Cookie Compliance is based on a Drupal theme template, so you could always create a theme specific template and for example place the descriptions on the same line as the title, or perhaps have the descriptions appear on hover if space is a concern. By default, the banner has two buttons when you use the category consent method: “Save preferences” and “Accept all cookies”.
Below the text field for cookie consent categories are some additional options. The first option, which is on by default allows you to replace the “Agree” button with the two “Save preferences” and “Accept all cookies” buttons. In addition to labeling the buttons, you can also choose to make the first option compulsory by choosing “Tick the first checkbox and mark it read-only”. You can also choose to “Tick all category checkboxes by default” to make it more convenient for the user to opt-in to cookie usage under GDPR.
In order to let your site and javascript comply with the cookie preferences set by the visitor, you may have to write some custom code. Although EU Cookie Compliance has some options to whitelist cookies and block scripts, not all scripts are added to the page source using the standard Drupal methods and can be altered through f.ex hook_js_alter
in Drupal 7 (which is what the module attempts to do).
EU Cookie Compliance has for years had a method you can call to check if the user has agreed to store cookies and processing their personal data:
Drupal.eu_cookie_compliance.hasAgreed()
This function will return true when consent is given, and false when the user has declined processing of their data.
With the newly introduced categories, you can call the same function with a parameter:
Drupal.eu_cookie_compliance.hasAgreed(category)
Where ‘category’ is one of the category keys that you have defined on the EU Cookie Compliance module settings page, for example:
if (Drupal.eu_cookie_compliance.hasAgreed('performance')) {
// Load scripts that deal with performance.
}
Many high profile sites allow visitors to choose among categories when the visitors give consent to the processing of private data through cookies in their browser. Now your site can do offer the same granularity if you use a recent version of the EU Cookie Compliance module.If you need help setting up your GDPR cookie banner, or have questions about how your site can become GDPR compliant, you can always get in touch with us at Ramsalt Lab through our contact page.
Arrangement som samler webentusiaster, designere, prosjektledere og innholdsskapere for å utforske hvordan du kan bruke Drupal til å lage en enda bedre nettløsning.
20 employees from Ramsalt Lab had the opportunity to attend DrupalCon in the city of Barcelona. Read our top recommendations from the conference!
Vi søker en visjonær og handlekraftig daglig leder som kan ta vårt utviklingsfirma til nye høyder! Er du en strategisk leder med solid forretningsforståelse og en sterk lidenskap for teknologi og innovasjon? Da vil vi høre fra deg!
The European AI Act came into force on 1 August 2024, bringing new rules and regulations for artificial intelligence within the EU. If you use AI on your website or for content-creation it is important to understand how these changes could have an impact.