Groups keyboard shortcuts have been updated
Dismiss
See shortcuts
Cookies with Django
74 views
Skip to first unread message
אורי
Aug 8, 2024, 10:36:10 PM8/8/24
to Django developers (Contributions to Django itself)
Hi,
Django uses cookies at least for authentication / login. How does Django handle the European Union legal requirements related to using cookies? For example, does the user have to agree before cookies are used?
Thanks,
Uri.
אורי
Curtis Maloney
Aug 8, 2024, 11:41:00 PM8/8/24
to 'Mike Hansen' via Django developers (Contributions to Django itself)
{I am not a lawyer. None of this is legal advice, of course.}
Django itself does nothing to tell your users authentication uses cookies.
If and how you choose to do that is up to you; also, there are some 3rd party apps to try to make this easier.
However, I find this paragraph from https://gdpr.eu/cookies/ quite informative:
- Strictly necessary cookies — These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies. While it is not required to obtain consent for these cookies, what they do and why they are necessary should be explained to the user.
So in short, it's recommended you let users know you will be using a cookie, and why, but the GDPR does not mandate it for this type of cookie.
--
Curtis
--You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/CABD5YeH6_R2YyhHaB0BOzW%2BOFvWY4N8eU2pA4CvF1gt1VoPepQ%40mail.gmail.com.
אורי
Aug 9, 2024, 2:22:21 AM8/9/24
to django-d...@googlegroups.com
Thank you.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/3f17f472-d1ac-46e6-97c9-caf8e1fd5f39%40app.fastmail.com.
Jacob Rief
Aug 9, 2024, 3:08:21 AM8/9/24
to Django developers (Contributions to Django itself)
Hi Uri,
we are running a large Django site in Austria. As cookies we use session-ids, csrf-tokens and the preferred language. By our legal team, they all are considered as strictly necessary and hence we do not have to ask for consent from our users. This btw. only applies to assets served by our own servers. If you add IFrames, embed YouTube videos or even OSM tiles, you should ask for consent, because then you might expose your users to 3rd party cookies. – Jacob
אורי
Aug 9, 2024, 3:21:03 AM8/9/24
to django-d...@googlegroups.com
Thank you.
--
You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-develop...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-developers/412c505a-0304-4885-92e9-e3d182f3438dn%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages