locked
What happen if someone do not accept the GDPR alert inside asp.net mvc core 3.1 RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User-540818677 posted

    I am working on an Asp.net MVC core 3.1 registration web site for the US market, where the users enter his/her mobile number >> and on the next screen they enter their info to register with us. and we want to track the users who enter their mobile numberx but do not register.and since we are tracking the users' actions, so i added the GDPR alert by following the steps mentioned on this link @ https://docs.microsoft.com/en-us/aspnet/core/security/gdpr?view=aspnetcore-3.1.

    but i am not sure what i need to do then?. I have these 3 questions:-

    Question1) If someone accept the alert, then this mean that we can track if he did not complete the registration?

    Question2) How i can know that the user accept or did not accept the GDPR alert inside my code?

    Question3) If the user did not accept the GDPR alert, then is it still fine to track if the user enter his/her mobile number but did not register?

    Thanks

    Tuesday, June 2, 2020 4:32 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    User-474980206 posted

    the GDPR only works with cookies generated by the server. the content is tracked in a cookie. you can check for the cookie value with:

        var consentFeature = Context.Features.Get<ITrackingConsentFeature>();
        var canTrack = !consentFeature?.CanTrack ?? false;

     basically the feature only handles server generated cookies. if the cookie is not marked essential, then GDPR accept is required for the cookie to be returned to the browser. if you have tracking tags on the page, the feature does not handle this you will need to wrap the tags. as the feature is not complete on its own, this is probably why its not the default anymore.

      @if (canTack) {
        <div> ..</div>
        <script> ...<script>
      }

    the EU law says you can not track unless the user accepts. the law applies whether they register or not.

    Tuesday, June 2, 2020 10:08 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-540818677 posted

    the GDPR only works with cookies generated by the server. the content is tracked in a cookie. you can check for the cookie value with:

        var consentFeature = Context.Features.Get<ITrackingConsentFeature>();
        var canTrack = !consentFeature?.CanTrack ?? false;

     basically the feature only handles server generated cookies. if the cookie is not marked essential, then GDPR accept is required for the cookie to be returned to the browser. if you have tracking tags on the page, the feature does not handle this you will need to wrap the tags. as the feature is not complete on its own, this is probably why its not the default anymore.

      @if (canTack) {
        <div> ..</div>
        <script> ...<script>
      }

    the EU law says you can not track unless the user accepts. the law applies whether they register or not.

    Thanks for your detailed reply. so now i can do these 3 points:-

    1) activate the privacy alert as mentioned on this link @ https://docs.microsoft.com/en-us/aspnet/core/security/gdpr?view=aspnetcore-3.1

    2) then i can know if the user accept the alert or not by the following code:-

    var consentFeature = Context.Features.Get<ITrackingConsentFeature>();
    var canTrack = !consentFeature?.CanTrack ?? false;

    3) then if the user accept the privacy alert i can track if he/she did not complete the registration, while if the user did not accept the alert, then i should not track if he/she completed the registration or not.

    generally speaking is my above 3 points valid? and thanks again for your helpful reply.

    Wednesday, June 3, 2020 11:32 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-540818677 posted

    bruce (sqlwork.com)

    the GDPR only works with cookies generated by the server. the content is tracked in a cookie. you can check for the cookie value with:

        var consentFeature = Context.Features.Get<ITrackingConsentFeature>();
        var canTrack = !consentFeature?.CanTrack ?? false;

     basically the feature only handles server generated cookies. if the cookie is not marked essential, then GDPR accept is required for the cookie to be returned to the browser. if you have tracking tags on the page, the feature does not handle this you will need to wrap the tags. as the feature is not complete on its own, this is probably why its not the default anymore.

      @if (canTack) {
        <div> ..</div>
        <script> ...<script>
      }

    the EU law says you can not track unless the user accepts. the law applies whether they register or not.

    Based on my test the canTrack variable in your code will be false if the user accept the privacy alert, while it will be true if the user did not accept the privacy alert... so i think we need to swap your if statement at var canTrack = !consentFeature?.CanTrack ?? false;? is this correct ?or i am missing something?

    Thursday, June 4, 2020 1:56 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User711641945 posted

    Hi johnjohn123123,

    Based on my test the canTrack variable in your code will be false if the user accept the privacy alert, while it will be true if the user did not accept the privacy alert...

    It is the expected behavior by this code.

    As an example,you could check the _CookieConsentPartial.cshtml:

    @{
    var consentFeature = Context.Features.Get<ITrackingConsentFeature>();
    var showBanner = !consentFeature?.CanTrack ?? false;
    var cookieString = consentFeature?.CreateConsentCookie();
}

@if (showBanner)
{
    //...
}

    If show privacy alert,the value of showBanner which equals to your canTrack is true.If you click the accept button,the privacy alert would not display and the showBanner should be false.

    Best Regards,

    Rena

    Thursday, June 18, 2020 8:13 AM