Questions & Answers (Q&A)

 

Is my CMS ready for fccDataPrivacy?

Some CMS do not support all technologies necessary for the proper operation of fccDataPrivacy.

The native Joomla forms tool (JForm) is not compatible with our Consent Solution as it is not supporting custom HTML and javascript.  
We suggest using Chronoform, as a lot of our customers do. It's a free plugin downloadable here: https://extensions.joomla.org/extension/chronoforms/
 
To add in every page (inside the <head> tag) the "init" code of our Consent Solution, you can use this useful plugin for Joomla:  https://extensions.joomla.org/extensions/extension/core-enhancements/coding-a-scripts-integration/headtag/

Then you can create a simple form (or I can help you doing it), and insert the form in the article page with a shortcode (we will also help you to modify it with the consent solution script).

Privacy Policy and Cookie Policy

The law requires any website/app that collects personal information to disclose relevant information to users through specific privacy and cookie notices.

The Privacy Policy must contain certain basic elements that are specific to your particular processing activities, including:

  • the contact details of the data controller
  • which personal data is processed
  • the purposes and methods of processing
  • the legal basis of the processing (e.g. consent)
  • the third parties who also have access to the data - including third party tools (e.g. Google Analytics)
  • Details of the transmission of data outside the European Union (if applicable)
  • user rights
  • Description of the notification process for changes or updates to the Privacy Policy
  • the effective date of the Privacy Policy.

The Cookie Policy expressly describes the different types of cookies that are installed through the Site, any third parties to which these cookies relate - including a link to the relevant documents and opt-out forms - and the purposes of processing.


It is not possible to use generic documents because your policy must describe the specific data processing of your website/app in detail and must also include the specific details of the third-party technologies you specifically use (e.g. Facebook Like Buttons or Google Maps).


It is very difficult for a website not to process any data. A simple contact form or traffic analysis system such as Google Analytics is sufficient to trigger a commitment to create and display a privacy and cookie policy.

In addition to providing an easily accessible and accurate cookie policy, in order to adapt a Web site to the Cookie Act, it is also necessary to display an informative cookie banner that refers to a detailed cookie policy on each user's first visit and gives the user the opportunity to decline to install cookies or consent to the installation. Most types of cookies, including those issued by tools such as social sharing buttons, should not be released until the user has given valid consent.

In addition, many third-party networks may limit advertising reachability if you do not have a cookie management system that meets industry standards - which could affect your ability to generate advertising revenue.


Cookies are small files that are used to store or track certain information while a user visits a Web site. Cookies are now essential to the smooth running of a Web site. In addition, many third-party technologies integrated into a website also use cookies, e.g. simple video widgets or analysis programs.

Consent

If your user has to enter personal data directly on the website/app, e.g. by filling out a contact form, a service registration or a newsletter subscription, it is necessary to obtain a freely given, specific and informed consent. It is also necessary to keep clear records to prove that a valid consent has been obtained.


You must obtain consent for any particular processing purpose - for example, consent to the sending of newsletters and further consent to the sending of advertising material on behalf of third parties. Consent can be requested by setting up one or more checkboxes that are not pre-selected, mandatory or enforced (voluntarily specified) and accompanied by appropriate disclosures that will make it clear to the user how their data will be used.


Each time a user completes a form on your website/app, a variety of information needs to be collected. This information includes a unique user identification code, the content of the accepted privacy statement, a copy of the form submitted by the user, and a record of the opt-in mechanism used.


Unfortunately, it is not sufficient because some information is missing that is necessary to reconstruct the suitability of the procedure for obtaining consent, such as a copy of the form actually completed by the user and the version of the privacy documents available to the user at the time of obtaining consent.