Cookie Consent

Screen Shot 2021-05-15 at 9.34.10 PM

Is this new or did I never notice it before? Located in App Settings under Privacy.

3 Likes

It’s been there for a few months now but it’s definitely an untalked about feature.

Interesting! Didn’t see it listed in their updates haha.

I had not noticed this either! I have just added this to my app environment. Thanks for noticing and sharing, @Joe_Gabriele :slight_smile:

I’m pretty sure that it’s been only in staging for the past few months. I know I’ve looked for it a few times when others have asked about cookies in the past, to see if it was released yet. Must have just been moved to Production.

3 Likes

That’s very plausible. It would be strange for me to have missed it for so long.

3 Likes

Ohh nice one, will look at this next week.

I noticed just yesterday Saturday. I’m not sure what an “authentication” cookie is, I need to look it up.

If GDPR applies to the app – users located in the EU – then asking for consent would probably be a recommended practice? I’m in the EU, I’m setting to “Ask user consent” :slightly_smiling_face:

2 Likes

I’m guessing it’sa cookies to keep them logged in after they exit the app, which then expires after a certain amount of time.

3 Likes

I believe that’s correct. My understanding is that the Glide authentication cookie keeps you logged in indefinitely. Refusing to accept that cookie would (presumably) mean that the user would need to re-authenticate every time they open the app.

5 Likes

And GDPR says if you have European users you must ask for consent correct?

1 Like

I’m no expert on GDPR, but yes, I believe so.

There are quite a few threads in the forum on GDPR, it was a big topic last summer. @Krivo might chip in, he’s always seemed to be quite aware of our obligations as developers.

I should know GDPR and yet I always forget the details (and the devil might be in the details? :sweat_smile: ) So I remind myself that the basic premise of GDPR is about respecting the user. Surely if I keep in mind “respect the user” when I build, everyone will be happy?

1 Like

The ‘authentication cookie’ merely keeps you signed in. Our view is that consent for this cookie is not required under GDPR, but one of our EU Enterprise customers disagreed, so we created the option.

7 Likes

As reported on cookiebot by Usercentrics (www.cookiebot.com):

"The General Data Protection Regulation (GDPR) applies to all websites with users from the EU. Check if your website’s use of cookies and online tracking is compliant with GDPR and the ePrivacy Directive (ePR).
See what data your website collects and shares with 3rd parties - also useful for CCPA compliance (California Consumer Privacy Act). "

By checking my app with their tool, 5 cookies are detected: app-login-DzUtf9z7qBUYcfO2FnQY, glide-cache-control # globalSpaceUsage, glide-feature-settings, glide-quotas-DzUtf9z7qBUYcfO2FQYz7-apps

In my App, each of these cookies should be classified by explaining to the user what the purpose is.
I don’t know what the purpose of these cookies is, if I did I could create an entrance banner that lists them and asks the user if they want to accept or not.
This would make my App compliant.

@david Can you confirm that all these cookies are merely to keep the user logged in?
Furthermore, I am pleased to note that cookies data is being sent to the Netherlands; does this mean that Glide has servers in europe to also host apps for european customers?
Thanks

3 Likes

Having servers in Europe would be a blessing, cus technically no information can leave the EU if there are European users if I’m not wrong

2 Likes

@PabloMFalero not strictly correct but it could makes lives easier. You can get around the problem if the company (glide) and sub supplier does specific things - as I understand the GDPR

1 Like

This is actually not the case. You just need to ask permission for the things you are doing, and allow for your customers to consent.

1 Like

Hi Mark,
From my point of view, even your App would not be cookies compliant; it is okay that you manage them from your site, where it is downloaded, but in theory one person could access your app without going through your site, and in that case you would not inform your user with the cookie banner.
What do you think about this @Mark_Turrell ?
I think we must have a support Glide function to manage these aspects, otherwise we risk not being credible in front of EU companies that are well informed and respectful of all the GDPR aspects, including banner cookies.

1 Like

Hi Roldy - I am not sure how a user would be able to access my app / site WITHOUT being logged in. The only way to access any data would be to have access to either the developer environment, or the backend data (which we really do lock down!). I did play around with sending deep links for a while… and that always kicked up a login prompt (on new device, or different browser, incognito mode, etc).

My use case might be special. I have my app set to public with email, so there is no screen a user can see without logging in (apart from the splash screen).

So for me I see this as a non-issue :slight_smile:

2 Likes