Marketing Cookies

florin-avram

Hello

I have found this cookies generated by URL: http://csr-maxbet.ro/index.php/video-list can you tell me what is generating them and how to remove them ?

They are ad based cookies and most of them very suspicious!

RUN_ID rundsp.com HTTP 3 months
SEUNCY semasio.net HTTP 179 days
TapAd_TS tapad.com HTTP 2 months
TDID adsrvr.org HTTP 1 year
uuid mathtag.com HTTP 1 year
ab agkn.com HTTP 1 year
bkdc bluekai.com HTTP 179 days

Thank you!

saguaros

florin-avram
Hi,

How can I check to see these cookies?

florin-avram

saguaros
Bellow you have a onedrive link with the cookies scan report
https://1drv.ms/b/s!AuW74sRRlpiphwZ7cdKCXuRPxVtQ

saguaros

florin-avram
Hi,

I don't have this tool to check, did you experience the same with our demo site? http://ja-oslo.demo.joomlart.com/index.php/en/

florin-avram

saguaros

The tool is free https://www.cookiebot.com/en/

I will try and scan the demo website and see the result

florin-avram

saguaros

The result is the same, we need to do something because some of those website are really harvesting date without any functionality on the website.

There is no reason for them to get this data.

https://1drv.ms/b/s!AuW74sRRlpiphwfKW4KUNqdLGs3s

paulus1031

Are we looking at cookies and GDPR ?
e.g. personal information in cookies?

I'm not sure I'd have to read up about what data they are taking - if the data is not personalised there isn't a problem from the GDPR perspective

Cheers
Paul

florin-avram

paulus1031

Even in the context that we leave aside the GDPR aside, we have several marketing platforms collecting data from my website without my consent and adding to extra execution time without any reason. Ja Oslo is a paid template so it should not report to unspecified third parties without the consent of the owner.

Second if we bring GDPR into play then i as owner need to inform my visitors about those cookies and why they are there, that is their purpose and who the date will be used, a thing that currently i'm not able to do because i was not the one who decided to send data to multiple marketing platforms and the worst thing i have no control over it.

You said "I'm not sure I'd have to read up about what data they are taking - if the data is not personalised there isn't a problem from the GDPR perspective" why should someone take data from my website without my consent?

If a product is reporting data about its user without him knowing or without offering any way to stop that data flow its called a malware.

paulus1031

Hi Again,

Cookie usage / implementation is covered in depth in the e-privacy regulation which overrides the current law e-privacy directive - this series of rules was intended to come in to force at the same time as GDPR - it hasn't

https://www.techrepublic.com/article/gdpr-vs-eprivacy-the-3-differences-you-need-to-know/

At the moment as you say it requires consent for personalised data - however if the data is not personalised then consent is not required as the data can not be used to identify the user

In essence an audit is required to establish what data is actually collected for a users visit.

Information is taken from some apps by the social media applications for the purpose they were intended - here it again depends on data collected and how the user interacts with the social media plugins.

Then we have something called legitimate interest of the business to collect data >

Legitimate interests is the most flexible of the six lawful bases. It is not focused on a particular purpose and therefore gives you more scope to potentially rely on it in many different circumstances.

It may be the most appropriate basis when:

the processing is not required by law but is of a clear benefit to you or others;
there’s a limited privacy impact on the individual;
the individual should reasonably expect you to use their data in that way; and
you cannot, or do not want to, give the individual full upfront control (ie consent) or bother them with disruptive consent requests when they are unlikely to object to the processing.

This would apply to cookies that make the site work better both for the user and the site owner but it is not a get out of jail free card (so to speak)

If you want to stop many of these cookies on your site you can disable the social media elements. This will stop many cookies being used on your site

I am not disagreeing with your point regarding consent and site execution time as these are vitally important for a website

Depending on how case law / guidance develops I think most major sites will consider some kind of application splitting cookies into advertising, support, social and essential use - then people can choose what to disable and understand the implications of their choices

However many businesses may just do very little and wait for the e-privacy regulation to clearly define what is permitted usage without asking for consent and how technology develops e.g. how best to use anonymization or pseudonymization of data

paulus1031

Above is my understanding of situation regarding cookies and isn't intended as legal advice

If you need help with disabling social media elements on your site please ask and I will go through it with you

Your post does make clear that we as a template provider do need to consider our cookie usage on our site and I will ask the site admin for comment

Cheers
Paul