67

I just updated my website to be GDPR compilant. (hopefully). It was the last one.
I'm so pissed right now. I have invested tens of hours for this FUCKING SHIT. I'm not against privacy regulations - I appreciate them. But this is not the way to enforce them IMO.

Comments
  • 6
    What's the "anonymous usage data" in your case?

    By the way, not "every other site" uses cookies ;)
  • 5
    You had a lot of time.
  • 4
    @linuxxx It's my Matomo instance with anonymized IP addresses and Do Not Track settings.

    I know that there are websites that don't use cookies, but it's the minority. In my opinion, the GDPR is just a shitton of work for a private person like me developing some tiny websites.
  • 5
    @sudorm-rf If isn’t personal data that you’re saving the GDPR doesn’t apply.
  • 2
    @FilipeRamalho Sure, I had a lot of time. But that argument does not reduce the time I need to make everything compilant. It's totally irrelevant that I could have done it earlier (in my opinion). The fact that I spent 60+ hours reading into the GDPR and making everything compilant is hilarious to me. I could have done much better things in that time.

    Get me right, I like the regulations for the big companies who actually can afford this amount of time. But I simply cannot.
  • 8
    @sudorm-rf You ok so only big companies should have to apply. No thanks I prefer when laws are for everyone. Most of the GDPR was already implemented in national law. The only new things are the clear definition of our rights and the extraterritorial application.
  • 3
    @FilipeRamalho No, the law should apply for everyone. But I miss paragraphs that decrease the work for private persons.

    Aside from that, the privacy policies didn't get more simple but longer (at least for what I've seen) and it's just a big bureaucratic hell. How many little flower shop owners will get admonished because they did not update their privacy policy? We will see...
  • 1
    @sudorm-rf None. Why should they, from what I know florists don‘t collect personal data.
  • 0
    @Alice May be true, but do you think they are writing your personal data down and use it for whatever god knows.
  • 1
    @FilipeRamalho Well, they need a hosting provider with disabled access logs and a CMS which does not use cookies. And if they count visitors (just counting, nothing else), they have to set a cookie and boom, they need a GDPR compilant privacy policy.

    And that's just for the website. You need a privacy policy "offline", too.
  • 3
    @sudorm-rf Cookie != Having to enforce GDPR
  • 0
    @Alice Hmm... that’s true, but still they won’t have to close, because of privacy policy.
  • 0
    @Alice @FilipeRamalho I know, but you need a cookie or another piece of identifyable data to count visitors (not visits)
  • 0
    @sudorm-rf You can use an ID
  • 1
    @sudorm-rf I do visit counting in the backend, no cookie needed!
  • 0
    @linuxxx Visit or visitor?
  • 5
    Im sorry but if this is real and if i, by any chance, am one of your website's user or even stumble upon it and see this. I would immediate stop and just leave the site. It just reads so unprofessional, childish, and full of unnecessary emotions.
    My opinion though so take it as a grain of salt.
  • 5
    Why is there no option to reject and continue using your website without them cookies? :D
  • 4
    Yo man, sorry to be the one tot tell you this, but a cookie wall (or any other method with only an 'accept' button) is not legal under GDPR

    Users need to be able to not opt-in and still use the website.

    By the way, you're in the clear with session cookies as long as no third parties are involved
  • 0
    @NillValue then just don't visit it, I don't care.
  • 0
    @wildebeest well, you can just leave the website or disable cookies before closing the dialog.
    I don't think that this is illegal as I inform the user and then let him either accept it or leave the page.
  • 0
    @tacticalKimchi there's no reject button because I don't need to implement a feature in my website that your browser has and had for ages.
  • 1
    @sudorm-rf that's just it, the gdpr explicitly says they need to opt-in, completely voluntarily, and it's not allowed to block users if they don't
  • 1
    The term I was looking for was "true choice".
    You might need to read up on cookies and stuff: https://cookiebot.com/en/...

    I hope other parts of the world will also implement this new regulations, since it makes everything easier if everyone follows the same rules
  • 0
    @wildebeest What about for example, "The Verge"? https://www.theverge.com/

    They only have an accept button, too.
  • 1
    They're not the only ones. I'll look into it again later today, since a lot of companies use that as a solution. I'll keep you posted
Add Comment