GDPR

bam
Excursionist
19 0 1

I am going to launch jewelry DtoC, however I have never been run EC before.

I send products all over the world from Japan.
I'll do Ad and email, contents marketing, then use CRM.


I am thinking to install cookie bar like below, but should I do?

I don't know so much about it....

 

https://apps.shopify.com/eu-cookie-bar?surface_detail=GDPR&surface_inter_position=1&surface_intra_po...

 

If you recommend, let me know the reason and recommend Apps or functions.

 

Replies 15 (15)
Verdant-Spark
Shopify Partner
91 8 24

Alas, that app is only compliant for GDPR with respect to 'essential' cookies which Shopify relies on for functionality. If you add anything extra, say, Google Analytics (possibly even Shopify's own analytics), then a user must opt in to allowing those cookies. Simply telling them that you use cookies isn't sufficient.

zole
New Member
6 0 0

Shopify analytics are implemented by default and they load immediately. Because they load immediately they are not prior to consent as they should be by GDPR rules. 

Does anyone whole how to set Shopify analytics codes to be prior to consent?

 

 

Verdant-Spark
Shopify Partner
91 8 24

You can't, and this is an issue which Shopify don't seem willing to engage in.

zole
New Member
6 0 0

OKay I got it.

Is there any way I can set prior to consent google analytics code that I manually set in preferences?

Verdant-Spark
Shopify Partner
91 8 24
No...
TungDao
Shopify Partner
257 10 35

I think using a GDPR app is a good call.

Avada is an e-commerce solution provider based in the heart of Vietnam where the best developers unite. Founded in 2017 by Mageplaza, Avada is responsible to complete the mission to help 1 million online businesses grow revenues.
Verdant-Spark
Shopify Partner
91 8 24

Nope - no app will make Shopify compliant.

 

Pandectes
Shopify Partner
19 0 3

Hello, we provide GDPR Cookie Bar +ePrivacy Page which is also listed by Shopify in the proposed list of GDPR apps. Why you say that no app will make a store compliant. Shopify has recently added GDPR/CCPA options inside the store preferences page. Of course about a previous message Shopify's analytics cookies are not strictly required which means that you will have to block them prior consent. As @TungDao said there are many apps. Of course some have less and some more options and for sure IMO only 2-3 (including our solution) are doing the work properly. For instance we have made several integration like the one with Rakuten and we are now working on becoming IAB TCF 2 compliant.

Verdant-Spark
Shopify Partner
91 8 24

My comment was now coming up on a year ago. Since then, as you say, Shopify have finally released their own cookie control banner which is compliant with GDPR. No other app is needed at this point to satisfy GDPR compliance.

Pandectes
Shopify Partner
19 0 3

This is not true. First of all GDPR is not only a banner (informative) but also cookie management from inside the banner. Also is not all around cookies but also around the right of the user to manage his personal data (including his cookie consent) which is not covered by Shopify 100%. That's why you need another app. This is what we do with our app as well and that's why the title of our app is not only the banner but also an eprivacy page where the user (either he is a guest customer or a registered customer) can make data subject requests and manage this consent.

Scartify
New Member
6 0 0

Try our app, will fit your needs:

Announcify is crafted to help merchants boost their sales with our announcements app and to announce sales that draw your visitors attention and engages them to subscribe, announce important announcements, shipping cost and estimated delivery.

  • Free Shipping Bar Internet shoppers want their items as fast as possible. They are far more likely to buy something if they know upfront the shipping costs and estimated delivery time.

  • Countdown Announcements Display countdowns to your customers to a known/Specific event.

  • Capture Email Subscribers Maximize your Ads spend by capturing email subscribers and save them as customers.

  • Works with Any Theme Works right out of the box with any theme, and looks amazing!

  • Click here:
    https://apps.shopify.com/announcify-app
If you see that this solved your problem please hit "Accept as Solution" and like!
You need any help or want to build a store? https://www.scartify.com or email us: contact@scartify.com
Pandectes
Shopify Partner
19 0 3

Hello, 

I just wanted to clarify that GDPR is not just a bar/banner with a notice. GDPR is a lot more and requires many tasks in the backend that almost none of the apps on the store can manage it at the moment. I am referring to cookie/scripts management, consent tracking, data subject requests management, cookies declaration and of course integrations with existing apps and services.

Merchants need to be very careful when they try to be compliant with GDPR on their stores.

I would be more than happy to discuss any aspect of GDPR here.

Thank you.

www.pandectes.io

Verdant-Spark
Shopify Partner
91 8 24

I had a quick look and tested this app and after installation, with a cookies bar added, all the shopify and ga cookies were still present in the browser (which is to be expected really); the app looks nice, and has a reasonably well thought our interface, but I do wonder why it needs a network call for every page load?

tl;dr: this app doesn't provide any level of GDPR compliance.

Verdant-Spark
Shopify Partner
91 8 24

I've had a look at your demo page, and despite declining cookies, _ga is still present on the page (initiated by shopify). Can you explain some more how your app stops tracking to maintain compliance?

Pandectes
Shopify Partner
19 0 3

Hi @Verdant-Spark, first of all thank you for you comment.

Let me briefly explain how it works.

Our application is compatible with Shopify Consent API. This means that if you have installed google analytics & facebook pixel with the native way that Shopify provides, you need first to enable these options from your store preferences page.

Screenshot 2021-09-02 at 12.33.30 PM.png

This means that both google analytics and facebook pixel scripts will be blocked before the visitors gives his consent.

Note: In case you have installed these services (google analytics / facebook pixel) or any other external script through your theme or through google tag manager, we provide access to our JS Api from where you can manage everything without any issue.

After that, on our app, you will need to select one of the banners that initially block cookies (strict mode). In this way the strictly required cookies will be allowed by default and only after user gives his consent the other cookies/scripts will be loaded. 

Please try again and let me know if you need any further help. I also happy to reply to any other questions through our support email here: support@pandectes.io.

Thank you again!