History says TYPO3 is one of the most secure OpenSource CMS. But, security is a never-ending task, In this article, I want to…
TYPO3 GDPR compliance is getting serious and if you ever have a single visitor from the European Union you need to abide by the law.
Also, global services like AdSense requires you to make sure your site is GDPR compliant to keep your profile in good standing.
So let’s start :)
Note:This blog is not legal advice. Just by Installing these TYPO3 extensions doesn’t guarantee that your site becomes 100% GDPR complaint. They are just tools to help you. You should seek professional legal advice where appropriate.
GDPR stands for the General Data Protection Regulation.
Basically, GDPR is a regulation that aims to give all citizens (of the European Union (EU)) more control over their personal data and how it is processed online by bloggers, site owners, web-shop owners and anyone who collects any sort of data from their visitors.
If you want to read further on the topic here is a detailed resource on GDPR.
If you’re using any of the tools that collect and use the information to run their business campaigns, you’ll have to first get consent from the user. They hold rights to know what data is collected (with their consent), how it is processed (how you share it with third-party services like Analytics etc) and the ability to erase their personal information upon request.
Image Source: https://espyder.net/
The purpose of the GDPR is to encourage site owners to be thoughtful about the personal data they collect and how they use that data. Some of the steps you can take as a site owner is to:
- Provide a way for Your Site’s Visitors to Access/Delete their Data
- Include Cookies & Cookie Consent bar for user to accept or deny cookies
- While installing 3rd party extensions, check if they are GDPR compliant.
- Get the user’s permission before sharing or processing their personal data.
- Check your website’s configuration if they are breaching GDPR regulations.
- Add checkbox of terms acceptance consent on data submission for contact forms
- Install SSL certificate on your website.
- Updating your database according to GDPR laws.
The European Union’s cookie law requires websites to get user consent to set any cookies on their website. As a TYPO3 website owner, your website may be using cookies as well. The Cookie Hint plugin will assist you in making your website GDPR compliant.
- Enable a notice with Accept and Reject options
- Configurable cookie details and description
- Adds a subtle cookie banner
- Adjustable at any part of the website
- Customizable the cookie notice style
- Changeable colors, fonts, styles, position on the page
- Can set behavior when you click “Accept”.
- Cookie Audit shortcode
To support publishers, technology vendors and advertisers in meeting the transparency and user consent requirements of the GDPR and ePrivacy Directive, team NITSAN has developed Cookiebot.com GDPR Compliant TYPO3 Extension in integration with the most popular Cookiebot.com. Here is a quick highlight of their features:
- A customizable consent banner for a user to opt-in and -out of cookie categories.
- Monthly scans to detect all tracking on the website with data storage destination.
- Ability to change banner and declaration with translations for 44 languages.
- Storage of user-consents that are downloadable and can be used as proof.
- Execution of cookie-setting scripts without a page reload if the user gives consent
- A scanner that detects online trackers such as Cookies, HTML5 Local Storage, Flash Local Shared Object, Silverlight Isolated Storage, IndexedDB, ultrasound beacons, pixel tags, etc.
This TYPO3 extension enables you as site owner and extension developer to comply with the GDPR by covering some of the important aspects such as:
- Find and randomize or remove privacy-related data
- CLI to randomize records after a given time
- Logging of any privacy-related tasks
- Overview and status of forms provided by form extensions
- Improved privacy included for YouTube & Vimeo videos.
This extension adds a video local hosted preview to videos that have been embedded with fluid_styled_content (e.g. Text & Media content element) to the frontend. Check out its cool features which help in case of performance and providing more privacy for your website users.
- Asks for user’s consent to proceed with the third party sites that collect user’s data
- Third-party stuff will only be loaded/embedded if the user clicks on the preview image to view the video/media.
- Supports Text and Media content elements.
#5 Privacy Guard by Felix Nagel
Privacy Guard is an additional task for the TYPO3 scheduler. It cleans old entries within your TYPO3 installation to improve the privacy of your customers. It cleans TYPO3 to improve the privacy of your customers. Its quick highlights are:
- Delete whole entries or IP addresses only
- Support for sys_log table
- Supported extensions
- Currently works with formhandler, ve_guestbook, femanager, mkphpids, spamshield, and sys_log table. Useful for GDPR / DSGVO compliance.
GDPR, when it came into force, brought out too much of fear and confusion amongst bloggers and website owners but with time these GDPR compliance extensions help to manage and get the task of GDPR implementation done easily.
What is your favourite GDPR extension for TYPO3? We tried to compile this list through extensive research and real-life usage experience by us and our team. What is your favourite GDPR extension for TYPO3? We tried to compile this list through extensive research and real-life usage experience by us and our team.
If you have any questions about TYPO3 GDPR compliance, let’s discuss it in the comments below.