
GDPR specifications

Charles de Beauchesne edited this page May 14, 2020 · 3 revisions


Context

All data stored on the local computer is handled by src/js/vue-plugins/local-storage. If a component needs to save a value, it calls this.$localStorage.set(key, value). A mechanism makes the key local to the component that uses it.

For instance, here are the values for the user account:

image

In this picture you can see that the component called User (defined in src/js/vue-plugins/user.js) saved a value:

  • Key is http://api.camptocamp.org (FYI, the UI can use different APIs)
  • Value is an object with plenty of data.

For an exhaustive list, search on GitHub or, more efficiently, search for "localStorage.set" in your IDE.

  • src/js/vue-plugins/user.js: saves the token and account data. Mandatory for connected users
  • src/js/vue-plugins/gettext.js: saves the interface language
  • src/views/SiteNotice.vue: when a user closes the "blue header" communication tool from the forum, it is saved here, and the header is never shown again
  • src/views/documents/DocumentsView.vue: all user choices made on this page (cards/list, view map or results or both...)
  • src/views/portals/Dashboard.vue and src/views/portals/FeedView.vue: whether the current user's filters are enabled
  • src/views/portals/Yeti.vue: whether the user has read the disclaimer

Third-party components can also store and reuse data:

  • addthis
  • google analytics
  • adfiz

With GDPR, we must get the consent of users to store and reuse this data.

Functional specification

When a new user connects to camptocamp (by new, we mean that nothing is stored yet in the browser), a modal banner is shown at the bottom of the page, explaining what this data is used for. As long as the user does not interact with it, the site works normally, as if everything is granted. If the user leaves the site without interacting with it, the banner will be shown on the next visit.

The banner contains two buttons:

  • Ok => everything is enabled, and the site works as usual. The user's choice is saved, and the banner won't be shown on subsequent visits.
  • Details => the banner expands and shows these 5 categories. They are all enabled, and the user can disable them. One click instantly saves the user's choice. The Ok button saves the user's choice and closes the banner.

Categories

  • Functional cookies: mandatory, camptocamp.org can't work without them, so they can't be unticked
    • account data when the user is logged in, Yeti disclaimer ...
  • Analytics cookies
    • the analytics feature is entirely disabled if the user unticks it
  • Social cookies
    • addthis is disabled if the user unticks it, and the social sharing button on the document header is not shown (not the one in the menu, which does not use cookies)
  • Advertising cookies
    • Check with adfiz whether this category is relevant and, if yes, how to handle it
  • User experience cookies
    • all other storage.

Misc behaviours

  • As long as the user has not clicked on the banner, the site works as if all categories are enabled (TO BE VALIDATED)
  • When the user unticks a category, all impacted localStorage entries are cleaned
  • If the user clicks on the Ok button without expanding the banner, the default values (all true) are saved.
  • For registered users, the category widget is shown on /preferences
  • For unregistered users, the category widget is shown ... TO BE DECIDED
  • The cookie lifetime will be 12 months
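
A sketch of the rules listed above, as an added example that is not camptocamp.org code: writes are checked against the saved category choices, unticking a category cleans its entries, and the saved choice expires after 12 months so the banner comes back. The class name, the `gdpr-consent` key, the `component.key` prefix and the component-to-category mapping are assumptions, and a `Map` stands in for `localStorage`.

```javascript
// Added illustration, not camptocamp.org code; every name here is hypothetical.
const CONSENT_KEY = 'gdpr-consent';              // assumed storage key
const LIFETIME_MS = 365 * 24 * 3600 * 1000;      // "12 months", approximated as 365 days
const ALL_ON = { functional: true, analytics: true, social: true,
                 advertising: true, experience: true };
// Assumed mapping from storing component to consent category.
const CATEGORY_OF = { user: 'functional', Yeti: 'functional', gettext: 'experience',
                      SiteNotice: 'experience', DocumentsView: 'experience' };

class ConsentStorage {
  constructor(backend, now = () => Date.now()) {
    this.backend = backend;   // a Map here, standing in for window.localStorage
    this.now = now;           // injectable clock so expiry can be exercised
  }
  // Saved choices, or null when none exist or they are older than the lifetime.
  saved() {
    const raw = this.backend.get(CONSENT_KEY);
    if (raw === undefined) return null;
    const rec = JSON.parse(raw);
    return this.now() - rec.savedAt > LIFETIME_MS ? null : rec.choices;
  }
  bannerNeeded() { return this.saved() === null; }
  // Before any interaction all categories count as enabled; functional is never off.
  allowed(category) {
    if (category === 'functional') return true;
    return (this.saved() || ALL_ON)[category] === true;
  }
  // save({}) is the "Ok without expanding" case: all defaults stay true.
  save(choices) {
    const merged = { ...ALL_ON, ...choices, functional: true };
    this.backend.set(CONSENT_KEY, JSON.stringify({ savedAt: this.now(), choices: merged }));
    for (const key of [...this.backend.keys()]) {   // clean unticked categories
      const category = CATEGORY_OF[key.split('.')[0]];
      if (category && !merged[category]) this.backend.delete(key);
    }
  }
  // Refuses the write (returns false) for a disabled category or an unmapped component.
  set(component, key, value) {
    if (!this.allowed(CATEGORY_OF[component])) return false;
    this.backend.set(`${component}.${key}`, JSON.stringify(value));
    return true;
  }
  get(component, key) {
    const raw = this.backend.get(`${component}.${key}`);
    return raw === undefined ? null : JSON.parse(raw);
  }
}
```

Components that are not in the mapping are refused on write but left alone by the clean-up, so third-party entries need their own handling.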

Technical specification

WIP

Resources