Cookie Policy

David154
New Member
1 0 0

Hi,

I have a number of questions I was hoping to have answered in relation to cookies.

1. Can some one tell me anything about this cookie, car_ver? I have not been able to find anything about it and what it is used for?

2. Is it possible to edit the lifespan for a cookie. 20 years for secure_customer_sig seems a little extreme to me,

3. Is there an update on when the Shopify checkout core code will be compliant with the upcoming EU ePrivacy Regulation with regard to cookie consent? Will you have a cookie consent feature that will allow merchants allow their customers give or refuse consent prior to cookies being used (or at least more clarity on strictly necessary cookies versus performance, targeting, etc.) ?

0 Likes
Gabe
Shopify Staff
Shopify Staff
3836 438 890

Hey @David154 

Some great questions there. Currently your best bet is this app which is "made in Germany".

Marco Pusceddu is the app dev and can chat with you about that. Germans and the German Law (DSGVO) are the most strict about these issues as you can Imagine...

Gabe

Gabe | Social Care @ Shopify
 - War meine Antwort hilfreich? Klicke Like um es mich wissen zu lassen! 
 - Wurde deine Frage beantwortet? Markiere es als Akzeptierte Lösung 
 - Um mehr zu erfahren, besuche das Shopify Help Center oder den Shopify Blog

0 Likes
jaybee21
Tourist
11 0 5

Ok, I know it is not the support team's fault or decision, so this is not to blame you, but seriously: Is "Germans and the German Law (DSGVO) are the most strict about these issues as you can Imagine..." and linking to an external third-party app, that costs reasonable money depending on which Shopify plan you are on, really all Shopify has to offer after more than 1 year? The cookie policy in the EU was clear on what is allowed month prior to taking effect, Shopify never released anything until now though! This Shopify behaviour is completely unacceptable. And yes, it is strict in Germany, but it is strict for a very good reason because we care about data privacy AND still make it possible to track user IF (AND ONLY IF) they agree. And this is strict, but appropriate. Not appropriate is the policy Shopify follows. And the biggest joke is the claim that Shopify is completely EU-compliant "out of the box" which is proudly announced during all events . Seriously, that was funny for a few weeks, but now this is ruining businesses. Even as a Plus Member it is impossible to code anything that is 100% EU or German law compatible.

Even more severe it the fact, that the top-rated app still is a cookie banner with the old "Got it" scheme - which is NOT compliant any more. So Shopify shop owners who are not aware of this problem might think that this is enough. But installing these "Got It"-apps are only drawing attention to lawyers because it is even easier to identify Shops that are not compliant. Shopify does not give any warnings that this is 99% NOT a valid method any longer. This cannot be the policy Shopify officially follows, but it unfortunately is. So there is only two options for us:

1. Shopify enables a solution within their default settings for all shop owners WITHOUT the need of installing a third-party app no one knows what exactly it provides.

2. Getting rid of Shopify rather sooner than later because it is impossible to run a serious business in the EU and especially in Germany - which is no small market you can ignore, but the market of the fourth highest ranking country in the world in nominal GDP.

Seriously, Shopify, that is one year without any reasonable solution. That is what I call a deal breaker.

Gabe
Shopify Staff
Shopify Staff
3836 438 890

@jaybee21 

Totally get what you're saying and I have relayed that on to our product and legal teams. We are currently working hard on a solution.

Greetings,

Gabe | Social Care @ Shopify
 - War meine Antwort hilfreich? Klicke Like um es mich wissen zu lassen! 
 - Wurde deine Frage beantwortet? Markiere es als Akzeptierte Lösung 
 - Um mehr zu erfahren, besuche das Shopify Help Center oder den Shopify Blog

0 Likes
FC1
Excursionist
10 0 8

Exactly,

Most of the existing apps are not able to stop shopify cookies from been deployed. Even if you install a complete and costly software solution like cookiebot it won´t be able to stop shopify own cookies from charging prior user consent. Meanwhile ,shopify has release its own cookie banner, which doesn´t seens to offer some of the functionalities required by law (granular consent, cookie list, option to revoke the consent at any time etc...)

This is a serious issue and creates a liability for all EU shop owners.

Sincerely

FC

 

 

 

Gabe
Shopify Staff
Shopify Staff
3836 438 890

Hey @FC1 

Have you tested the Beeclever GDPR App? Many German merchants are reporting that it seems to do the job quite well. Marco Pusceddu has been working hard with Shopify Partners (@Michael_Singer and @ICHMIRMICH might comment on this) to make his app as compliant as possible. The Shopify cookie solution currently downgrades persistent non-essentials to session cookies which they claim is compliant according to consultations with GDPR experts. But we are working together with our legal teams and product teams to make the app more granular.

Gabe

Gabe | Social Care @ Shopify
 - War meine Antwort hilfreich? Klicke Like um es mich wissen zu lassen! 
 - Wurde deine Frage beantwortet? Markiere es als Akzeptierte Lösung 
 - Um mehr zu erfahren, besuche das Shopify Help Center oder den Shopify Blog

0 Likes
FC1
Excursionist
10 0 8

Hello Gabe,

Thank you very much for the answer. I haven´t tried the Beeclever. Does it prevents shopify own cookies from been deployed? Meanwhile, the support of widespread solutions like cookiebot keeps referring that shopify users should appeal to shopify so you can contact then to find a solution.

Shopify is an amazing platform. However, for EU users its really very hard to be compliant with GDPR. I´m seriously considering trying alternative solution if this problem isn´t fixed soon. 

Sincerely

FC

 

Michael_Singer
Shopify Partner
106 15 59

@FC1 

From my point of view, the mentioned app "BeeClever" is the only legit app running for GDPR. Even the own Shopify update is a failure and not facing GDPR requirements.

FC1
Excursionist
10 0 8

Hello Michael,

 

Thanks for the comments. Does the app blocks the non-essential cookies set by shopify without prior-consent? Can you elaborate on this (I´m not an expert). 

 

Sincerely,

 

FC

0 Likes
Gabe
Shopify Staff
Shopify Staff
3836 438 890

Hey @FC1 

It is very difficult to align to the European GDPR with the current Shopify philosophy and settings, that is correct. However, this plugin comes as close as possible to allowing a correct set-up. The support is also very helpful and can advise you on that further.

Greets,

Gabe | Social Care @ Shopify
 - War meine Antwort hilfreich? Klicke Like um es mich wissen zu lassen! 
 - Wurde deine Frage beantwortet? Markiere es als Akzeptierte Lösung 
 - Um mehr zu erfahren, besuche das Shopify Help Center oder den Shopify Blog

0 Likes