Links

GDPR

This page is all about how to make your website GDPR-compliant.

Introduction

Hi there! The fact you are on this page means you are having trouble making your website GDPR-compliant. Yeah, that tortured us too, and many others, so we decided to create this documentation page.
Not to explain far and wide, but it is very difficult to create and maintain a GDPR cookie solution. Every cookie system (analytics, social, maps...) has its own rules, and they change them often.
  • For every analytics, social network, or anything that leaves cookies, a specific solution must be developed
  • For example, the solution we created for Google Analytics, doesn’t apply to Matomo or Plausible. Because they all use different cookie systems. Not to talk about Facebook, Instagram, Twitter, and others
  • Also, they change their system every year, sometimes every month, so the code must be updated to follow up on changes
  • The cookie documentation for all of those analytics systems, social networks, etc, is either non-existent or terrible, so everything must be created blindly with a great amount of testing
It is no surprise that those 3rd party cookie solutions cost from 15 to hundreds of euros per month.
So, the best possible solution is to clear your website from cookies (if possible) and still use all features.

Fonts

You can self-host any font with Zero One (by default Zero One has self-hosted Google fonts), check out the documentation page for that

Videos

For embedding YouTube videos use www.youtube-nocookie.com in the URL instead of www.youtube.com
Also, you can use self-hosted videos in Zero One without problems.

Maps

If you want to just embed a map to show the location, just make a screenshot of the Google map location, add that image instead of the map, and link that image to the exact Google map location.
And if you need a more advanced map, then use the Google map API, then there will be no cookies or tracking. But you need to create a Google Developer account for this.

Analytics

If you want to use GDPR-compliant analytics, here are some suggestions.
We suggest these analytics because they are cookieless (no cookies):
And if you really want to use Google analytics, here are some 3rd party cookie notice solutions we recommend
Also, some of those 3rd-party cookie solutions can help you with other marketing/social cookie integrations.

Contact form

In some countries, it is needed that your contact form to have a privacy acceptance checkbox before the submit button. Although we will make this default feature in version 4.4.1, you can customize now the contact form using the Zero One override system https://www.one.thezero.club/guide/theme-extending
  1. 1.
    Copy site/plugins/zero-one/snippets/contact/form.php file
  2. 2.
    Paste to site/theme/snippets/contact/form.php (you must create a contact folder)
Then add the following code
1
<div class="uk-width-1-1">
2
<label><input class="uk-checkbox" id="privacy" name="privacy" type="checkbox" checked required> I agree to the privacy policy</label>
3
</div>
At line 37 just before the
1
<div class="uk-width-1-2@s">
2
<button class="uk-button uk-button-primary uk-margin-top" type="submit" name="submit" value="Submit"><?= $site->labelSubmit()->html() ?></button>
3
</div>
You can also see in the documentation how to customize the form further if needed

Other

If you are a developer looking to create your own cookie notice solution for some specific needs, we suggest checking out this open-source solution: