Cookie banner implementation

t.arndt · October 1, 2019, 7:33pm

In Europe website cookies are a huge topic for every website.

What‘s best practice to implement a cookie banner on the rocket.chat login page ?

Server Setup Information

Version of Rocket.Chat Server: 0.74.3
Operating System: Ubuntu 18.04 LTS

bbrendon · October 4, 2019, 5:21pm

Thank god for ublock. I should file a carpel tunnel lawsuit against the EU

aaron.ogle · October 9, 2019, 4:04am

Cookie banners are not something we have a best practice around. I think we like everyone else hate them. Surely if not adding tracking cookies you don’t actually need one? I’m not from EU so not up on this cookie banner stuff. If you have some reading on it would gladly take a look and pass along

t.arndt · October 10, 2019, 2:45pm

Thanks guys for your feedback. This topic was pretty knew to me and I think I found some sources that explain it very well. If I look at the current rocket.chat implementation it only uses session cookies. As @aaron.ogle mentioned if you not explictly add additional cookies on your setup you just have to refer in the terms of service on the login page that you use session cookies. You don’t have to implement an active acception of cookies or a cookie banner.

source: https://www.it-recht-kanzlei.de/notwendige-nicht-notwendige-cookies.html#abschnitt_8

Sorry the source is German… but should give you an idea that GDPR distinguishes between technical necessary cookies (session cookies ) and unnecessary cookies.

Session cookies that store certain user settings (for example, the shopping cart, language settings, or log-in data)
Flash cookies for playing media content
Cookies that are set by affiliated payment service providers (regardless of a specific payment), provided that they do not analyze specific usage behavior, but only serve to prepare for possible payments or to verify a payment authorization
Opt-out cookies used to revoke cookie consent

I’m not a lawyer but the author of the source above is - don’t blame me if I misinterpreted this or the rules change in future - but at least I tried my best to solve this. We will run our implementation without a cookie banner and mention the use of session cookies in the terms of service.

Topic		Replies	Views
IFrame Integeration in MVC is giving some issue related to cookies Community Support	2	958	October 7, 2020
Cookie problem in REST API Community Support	3	2970	May 30, 2018
Broadcast / Announcement to all users Community Support	0	509	September 21, 2021
Best practice for automatic / custom login with an existing user database Community Support	1	1504	October 9, 2024
Pass headers or cookies to my SSO API Development	0	210	February 13, 2024

[Secure CommsOS™ Launch] Join our next Roadmap Reveal webinar to learn more Register now ->

Cookie banner implementation

Server Setup Information

Related topics