Okay, if I understand correctly, if you want your website to be RGPD compliant, you must wait for user opt-in before storing anything to their device.

Maybe I'm asking myself too much questions but, how exactly does this work for a PWA ? Should you ask user for permission before starting a service worker and/or before caching any content ? If so, what if the user refuses the authorization ? The app is broken ? Or it just fallback to good old http browsing if it's server-rendered ?

  • 9
    The GDPR is not about data storage, it's about personal data. Caching assets of a PWA does not count. Cookies can because they are used to identify the user upon the next visit.
  • 3
    @Fast-Nop Thanks ! That what my first thought but I still had a doubt... You reassure me, the opposite would be so painfull ^^
  • 5
    You need to apply the consent only if you are using the users data outside of the service core functionality (many times it's the analytics\profiling of user data).
Your Job Suck?
Get a Better Job
Add Comment