-
Type:
Epic
-
Status: Resolved
-
Priority:
Minor
-
Resolution: Done
-
Affects Version/s: 67
-
Fix Version/s: 2.2
-
Component/s: Ergonomy / UX / UI
INTRODUCTION / LAW SUM UP
Tickets related to cookie management law.
- Analytics cookies can't be set as long as user didn't accept them explicitly. Technical cookies like auth / session cookies are ok.
- User should be able to refuse them individually (globally should be ok too).
- As we use different subdomains (e.g. connect.nuxeo.com, marketplace.nuxeo.com) we have to take the appropriate measures for this: browser will consider subdomains as a different website each time.
- If user refuses cookies service should still work properly.
- Cookie duration is 13 months max and date should be fixed, no counter reset if user visits website again.
Impacts:
- Connect portal
- Studio Modeler & Designer
- Marketplace
- Registration
GENERAL EXPECTED BEHAVIOR
- Analytics cookies should not be set as long as user has not done something explicit to accept them (see NXCONNECT-1667 )
- Agreement should be valid for 1 year, with a fixed end date
- When user opts out, analytics cookies should be destroyed if existing and not be loaded any further
- When user opts in, cookies can be used normally
- NOS should remain usable as usual when a user opted out
COOKIES IN SCOPE
- Analytics cookies: segment / marketo / google analytics