I’ve been busy with my new job; haven’t had much time with “web stuff” over the last year (beyond ASP.Net / Web.API – but for internal network use).
I’ve only just started to look at how GDPR affects me. I have no interest in tracking individuals but I do use plugins, and I did set-up Google Analytics once.
For hours I’ve been looking into the details of it all and possible solutions … but one thing in particular has frustrated and confused me! I couldn’t understand why, when I opened timeouttherapy.co.uk in an incognito tab, having removed the Google Analytics script, cookies would still show under Application – Cookies in the Dev Tools in Chrome. WHY???? WHY????
Something must be setting it, so I thought. But what? Because of course incognito mode uses a fresh cookie store doesn’t it?
Hmmm. Maybe it doesn’t !!!
It’s going to take some time for me to be compliant.
|Site||GDPR compliant||Cookies and notes|
|timeouttherapy.co.uk||No||paypal, NID (google.com),|
|blog.xarta.co.uk||No||PHPSESSID, wordpress_test_cookie, YouTube (lots), Facebook (lots)|
|the-icons.co.uk||No||Google Analytics (make anonymous), DSID, IDE, __sonar … all Google I think but why? .doubleclick.net, _gali?|
The NID cookie appears to be a session cookie and only appears (on timeouttherapy.co.uk, I think) when this script is active:
The PayPal cookie might be due to the image used in this form.
However, this code no longer works! (I’ve just discovered). Maybe something to do with certificates. I’ll have to ask my friend’s permission to log on to her paypal, and get fresh script.
So, timeouttherapy.co.uk compliancy with GDPR.
- Research what NID cookie is and if it’s a problem – if so, delay the google api script until acceptance granted
- Google Analytics – that’s set to anonymous so shouldn’t be a problem
That might not be all for timeouttherapy.co.uk – I’m sure I’ve seen a cookie related to Akamai appear at least once – I need to record a session interacting with the site to check.
So, I’m working on it. Eventually there should be a consent – but also reject, and any cookie setting scripts delayed until consented (and no other personalised tracking present). I’ll update this table as I progress.