It should be noted however that some actions by admins and users with edit permissions can bypass the cookie prevention e.g. setting Google Analytics or some social media functions with plugins, etc.; so admin/editor user education is required.
If some action like using Google Analytics is set by an admin in (say) the 'Customization' section of the 'Look & Feel' admin screen, then a check on the state of the custom consent cookie should be added as a wrap around the code used, like this:
{if $smarty.cookies.your_custom_cookie_consent_name eq 'y'}
your code that might set a cookie
{/if}
By contrast, the {GOOGLEANALYTICS()} plugin is Cookie consent aware. If Cookie Consent is active, the plugin will not log anything until the user accepts cookies. Do not be surprised if your Google Analytics figures go down and you miss the statistics of where users come from, etc.
Before cookies are accepted, there is also some change of behaviour in user modules (anyone who knows which changes, please update this part).
For any editor that might use some code in a Wiki page etc., that could set a cookie then they need to use a new 'wrap around' plugin called COOKIECONSENT which will prevent anything in the body of this new plugin from being executed if the user has not set the consent cookie eg
Copy to clipboard {COOKIECONSENT()}
any content that could set a cookie
{COOKIECONSENT}
For more info check the Plugin Site.
Note that the Cookie consent disabled feature (introduced in Tiki15) does not actually let the user refuse cookies but it shows the Cookie consent banner. This is for the cases where you wish to direct users to a third-party mechanism for cookie management, or if you wish to inform the user that the only way of avoiding cookies from your site is to not surf the site.
Interpretations vary as to this option makes you still compliant with the EU directive, but anyway, people outside the EU may also want to inform users about their privacy policy.
|