@garrison @maschera If the sign-in screen where the user enters their email address had a configurable checkbox that the user has to check before proceeding, would that be sufficient?
6 Likes
Sure thing, I appreciate that. Great that we are all pulling ideas together to work through an appropriate solution.
2 Likes
@Mark: when you say ‘configurable’ by that do you mean we would be able to provide a link to our privacy policy?
If so then yes, I feel that would be a massive step in the right direction. That would mean we have complied with one of the basic rules of GDPR, i.e. acquired their active and informed consent.
The data retention and removal issue is a different beast but perhaps the checkbox would then open up the pathway for this to be developed further in the near future?
1 Like
So the minimum you need is:
- A required checkbox on the sign-in screen with configurable text
- A link on the sign-in screen to your privacy policy?
Could you please provide a few examples of other apps/websites that do that?
1 Like
@Mark: you can see some examples in this article…
And yes, I think the minimum is just as you have described.
2 Likes
Hey Mark, that will definitely cover most of it.
The way I picture it is a single acceptance box with three links right underneath:
- Privacy Policy
- Cookie Consent
- Terms
The links could point either to an external web page or to an in-app screen.
In fact, although my policies are visible externally, I also create permanent pages in-app to further show my willingness to comply. Example here (apologies for the watermark, privacy reasons).
The other aspects of GDPR will be makers’ responsibility to comply with (eg. Data Retention, Right to be Forgotten, Data Officer, Policy Updates), so nothing for Glide to work on.
Glide can be held liable for GDPR infringements only if the company accesses to our user data. But as I understand you guys don’t.
Let me know if anything is unclear and thanks a lot for caring about our mental health 
Disclaimer: I’m no lawyer or privacy specialist of course, but I have spent more than 3 hours on a call recently with one and I’m sharing what I learnt.
P.s. for the other makers’ knowledge, always make sure that you host your clients’ sheet on a paid GSuite account, since a free Gmail account seems to be offering less privacy cover (its use is supposed to be personal). Also make sure that customers are notified in case Google changes their policy or notify of a data breach.
4 Likes
@maschera: I was thinking of only 1 checkbox for the privacy policy as I feel that is the most important of all.
If we did have provision in Glide to acquire users’ consent, in the way @Mark has outlined above, then for my case I would use the link to direct them to a screen in my app which would outline the basics of our privacy policy whilst urging them to read our policy in full with a link to the external source on our WP landing site.
I think the link option should be flexible enough to accommodate the following:
-
Title of the link, as we can call it what we want then as some people may choose Terms & Conditions which may have reference to the privacy policy.
-
Action, i.e. Link to screen, or Open link.
-
Extra checkboxes & text/links could be achieved by enabling app owners to add more i.e. like the + icon in Glide in Features > Visibility + Condition, with a maximum of 3.
A note about Cookies: Do Glide apps use cookies? I’m guessing so.
@garrison @mark if glide as we expect use cookies then you cannot rely on the t&c to be inside glide as the cookie has then already been set. Further it would be natural for the user to accept the conditions before the app is added to the home screen I would think.
@mark really pleased you are now looking at the gdpr challenge
1 Like
Making the link go to a page in your app is a lot more difficult to do than making it just go to a web page.
@Mark: OK, I can see that but I was just trying to give you some ‘ammo’, as it were, in using components/models you’ve already built and are already prevalent in Glide.
Yes I agree that the checkbox should be one only.
But I believe that we should be able to insert 1-3 hyperlinks below (call them buttons in Glide’s terms).
If we insert our Cookie Policy, we will be able to use Google Analytics, Hotjar and other tracking tools.
Besides, I believe that Glide natively uses some sort of Cookies. When I sign-up through OTP, I’m usually not asked to re-insert my code if I login after a day or two.
1 Like
Not a problem then.
An external page will suffice.
No privacy if personal Google drive account. They explicitly state they scan your files to personalize your experience on Google.
Only Gsuite account offers (more or a bit more, who knows) privacy for company, aka. your stored file are not (or less) scanned by Google.
3 Likes
Here we Are Man !! Great !!
1 Like
Thinking back on sign-up experiences, I recall very few that require clicking on a checkbox. Most simply have two links below sign-up box – TCs & Privacy Policy. I am an EU/US resident and use apps on both sides.
Fourchette – restaurant app
Shopify’s new direct D2C app
Hate to complicate things, but later this year we may be required to give California’s Consumer Privacy Act (CCPA) its own link.
5 Likes
@Rasha: All of these examples you have provided are in direct contravention of GDPR.
Let’s start with the first one: it needs to be the other way around, i.e. the users needs to check the box to opt in, not opt out.
The others are not seeking explicit and informed action on the users’ part at all.
Deliveroo should know better!
2 Likes
@maschera: I think the items in the context of the preamble should just be links, i.e. underlined, that should be suffice.
I don’t think you need them stacked up like that.
2 Likes
Agree about marketing opt-out and it’s infuriating. I suppose for mega-co’s, they have enough in their coffers to fend off legal action. Snack pass is US-based newcomer, with heavyweight investors and presumably a well-paid legal team. So I find this baffling.
2 Likes
@Rasha, well Snackpass clearly has NO legal team, well paid or otherwise 
1 Like