Support » Plugin: Complianz | GDPR/CCPA Cookie Consent » Calendly not detected by cookie scanner

  • Resolved tomkelly33

    (@tomkelly33)


    Your plugin’s cookie scanner does not seem to recognise and list the tracking of an embedded Calendly booking calendar. Other cookie scanners list it immediately:
    cookie _calexxxx by Calendly at calendly.com
    Why is that?

    The page I need help with: [log in to see the link]

Viewing 15 replies - 16 through 30 (of 34 total)
  • Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    Thanks for the screenshots. Can you also share a screenshot of the cookies overview on the ‘used cookies’ page? This can tell me a bit more about the sync status.

    And here with the error message that appears after each sync attempt: https://drive.google.com/file/d/1qbzXyYkVkzSOaveMXamYNFFFFa1DtbzY/view?usp=sharing

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    Hi @tomkelly33,

    Based on your screenshots I can see that the sync with cookiedatabase.org is failing. Because of this, the cookies belonging to the listed services are not retrieved. The plugin currently doesn’t have the cookies set in the base language, English. This usually only occurs when a site is switched from one language to multi language, which is why I asked about that.

    Two things you can try:
    – Completely clear the cookie list on the cookie scan page (hit the “clear cookies” button at the bottom). Then re-scan. This might reset all cookies to the correct base values.
    – Like you suggested, it is possible WordFence, or something else on your server, is blocking the synchronisation. You could try doing a sync without WordFence enabled.

    I deleted and reinstalled the Complianz plugin and did the whole set up incl. scan again, this time with Wordfence deactivated. However the results and error message were the same.
    Then I followed your advice, cleared the cookie list and did the rescan. The result of this:
    – the scanned cookie list is shorter than before (several cookies missing)
    https://prnt.sc/t3tmon
    – the sny error message has disappeared although not it says that sny is deactivated due to a previous scan last week
    https://prnt.sc/t3to7p
    – the used services are all recognised:
    https://prnt.sc/t3tofp
    – BUT only 2 of those services get displayed in the cookie polidy after updating it:
    https://prnt.sc/t3tox4
    So the basic problem remains. Only a fraction of the scanned and recognised cookies/services are listed in the cookie policy!

    In addition I ran our website through the following scanner to see if Complianz blocks all cookies and scripts successfully.
    https://wwwschutz.de/demo/wwwschutz-ki-check-public-p4/start.php?url=www.fraunhoferapotheke.de#a_fingerprint
    As you can see the following cookies and scripts do not get blocked before the user’s consent:
    complxxxx
    _calexxxx
    Google fonts
    Google recaptcha
    Calendly
    How can I add thosee manually and fix Google captcha and Google fonts blocking?

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    Hi @tomkelly33,

    The missing cookies will get picked up in the future, I think we’ve made some progress, as the previous error has disappeared.

    Because there are no cookies without description the sync is blocked, but you can force this by adding a cookie yourself, with the “add cookie” button. If you then enable synchronization for this cookie, the sync will unlock. You can then re-sync.

    I expect the cookies from Youtube to get retrieved with this sync.

    Then you can delete this custom cookie again.

    Thanks for your patience on this issue, we are making good progress indeed. 🙂
    After following your steps I can now wee all cookies listed in the cookie policy.

    However, according to a deep scan the following services are not blocked yet before consent:
    https://wwwschutz.de/demo/wwwschutz-ki-check-public-p4/start.php?url=www.fraunhoferapotheke.de#a_fingerprint
    complxxxx cookie (not sure what this is)
    Calendly cookie
    Google fonts
    Google recaptcha
    How can I add those services manually via your script center?

    Also I noticed that on each website I use your plugin it detects Dailymotion although I’m not aware of using this plugin/service at all. Is this related to Youtube? If so and if it has to be included how can I show it properly in the policy with its function and purpose (it’s currently faded out in my backend and shows without data in the policy)?

    Plugin Author Rogier Lankhorst

    (@rogierlankhorst)

    The compl cookie is from complianz. It is purely functional and does not track user data, so does not require consent.

    Recaptcha is currently blocked on your site. If you check in your websource, you will see that both references to recaptcha/api.js are blocked, because the type is set to text/plain. I think your scan just checks for this URL, but does not actually check for cookie usage.

    Google Fonts: because there are a lot of ways to implement Google Fonts making it nearly impossible to do this in a stable way, and because blocking it may severely impact the design, we’ve chosen not to block Google Fonts. Instead we recommend to self host Google Fonts: https://complianz.io/self-hosting-google-fonts-for-wordpress/

    Calendly is currently not listed in our integrations, but you can add it to the blocked list by adding

    assets.calendly.com

    in complianz/integrations/script center

    in the input field “(part of) URL’s or unique string from the inline scripts of third-party scripts & plugins that should be blocked before consent”

    We will investigate the purpose of the calendly cookies. If necessary, we will add it to our integrations list.

    As for dailymotion: it is possible another plugin or service on your site uses a cookie with the same name. If this cookie is the requested from cookiedatabase, it will return dailymotion as a service. I checked, but don’t see a cookie which could be linked to dailymotion, so I can’t say why this is the case. It’s also possible there’s a link to dailymotion on your site somewhere, triggering the detection mechanism. It sounds to me like a false positive.

    First of all thanks for your incredible support and dedication in solving all these issues, you guys deserve a 5 star review!

    The Google-Self-Host plugin you recommended crashed my site but I found another one that works instantly after activating: https://wordpress.org/plugins/selfhost-google-fonts/#main

    Blocking the Calendly cookie also worked following your instructions, incredible. 🙂

    The “ts” cookie seems to be from Paypal but your tool allocates it incorrectly to Dailymotion. Can you guys adjust this?

    And my last question: Can I embed a hyperlink in my navi menu or footer that redirects the user to the Cookie preferences section so that he or she can update their settings ever after having opted in?
    See the following example in the footer of this website. If you click on the 4 footer link in the left column (Cookieeinstellungen) it will bring back the cookie notice popup? Is there a way to replicate this modal link?

    Plugin Contributor Leon

    (@leonwimmenhoeve)

    Hi @tomkelly33,

    Good to hear! About the “ts” cookie, this name seems to be used by both services. I did not find it myself while looking at your site, but if you are sure that it belongs to PayPal, you can edit this by following these steps:

    1. Navigate to Wizard -> Cookies -> Used cookies
    2. Uncheck ‘sync to cookiedatabase’
    3. Edit the Service Name
    4. Click save

    You can embed a ‘manage consent’ block anywhere you want using our shortcode: [cmplz-manage-consent]

    Good luck!

    Regards,
    Leon

    Wow, that worked great with the “manage consent” shortcode in the footer, thanks a lot!

    tomkelly33

    (@tomkelly33)

    Hi Leon, I used the same procedure as above to block Calendly (manually) and Google Recaptcha (automatically) on this site: https://prometheusanimation.de/
    However, both services are still recognised by this cookie scanner and registered as not blocked:
    https://wwwschutz.de/demo/wwwschutz-ki-check-public-p4/start.php?url=https://prometheusanimation.de/
    Why is that?

    Plugin Contributor Aert Hulsebos

    (@aahulsebos)

    Hi @tomkelly33,

    You can add calendly.com to the Script Center as part of script URL to be blocked, and (!) as a URL from an iFrame. This should do the trick,

    regards Aert

    PS: The cookie scan recognizes the services, and should be recognized to add to the cookie policy.

    tomkelly33

    (@tomkelly33)

    I did so but both Calendly and Recaptcha still seem to get triggered before consent, just try the above cookie scanner again.
    https://wwwschutz.de/demo/wwwschutz-ki-check-public-p4/start.php?url=https://prometheusanimation.de/
    On the other hand, on my other sites everything gets blocked perfectly using exactly the same settings, see for example here:
    https://wwwschutz.de/demo/wwwschutz-ki-check-public-p4/start.php?url=https://videoadsforsocial.com/

Viewing 15 replies - 16 through 30 (of 34 total)
  • You must be logged in to reply to this topic.