H5P.org cookie opt in

Description

Acceptance Criteria

  1. GDPR compliant cookie acceptance thing on H5P.org

    1. No cookie that tracks personal data and that's not technically necessary is set on the user's computer without prior consent

    2. For each cookie: Let people know what cookie by which party will be set for what purpose, and ask for explicit consent and inform about the right to withdraw the consent. This will require some design, too.

    3. Every consent is documented as evidence

  2. Make sure that we list every third-party cookie in the data privacy statement

Solution Suggestion

Look at the widget example on these two pages:
https://www.cookiebot.com/en/gdpr-cookies/
https://www.twilio.com/

I suggest we create a similar small generic JavaScript that displays a data structure categorizing and describing the cookies. It should also save the user's preference. Must be reusable elsewhere. Required design first.

Cookie Overview

1. Required: Session Cookie (set by PHP)
Provides a secure login and protection against CSRF.

2. Functional:
Drupal's has_js and tableDrag.showWeight
H5P Video's Quality Chooser
WYSIWYG Text Editors (CKEditor + TinyMCE)
They are all used to enrich the user's experience.

3. Statistics / Marketing:
Google Analytics
HotJar
Both used to collect feedback on how the web page is used and how it can be improved.

5. Social:
Twitter: Tweet button
Facebook: Like button
Are there any more social stuff included through the H5P Content Types?

Acceptance Criteria

None

Status

Assignee

Frode Petterson

Reporter

Svein-Tore Griff With

Labels

Funding

None

Code reviewer

Thomas Marstrander

Released

None

Sprint

None

Priority

Medium
Configure