• Resolved rapportdesign

    (@rapportdesign)


    I’ve been using Cookiebot since May 18 and signed up as a reseller, as we handle over 100 WordPress websites.

    Despite the annoying monthly fees, it seemed like an automated solution to a confusing area of website development, which would save enough time to easily cover the Cookiebot fees.

    We sent out an e-shot and signed up a few clients… I then discovered around October 18 that some cookie files are still set, so dug a little deeper, to read that some scripts need modifying.

    My initial reaction was that not only finding the code to modify would be a pain but with the potential for plugin updates to override the changes, makes this solution completely unmanageable.

    I, therefore, have stopped pushing Cookiebot until I’ve had a chance to investigate further.

    After some further reading, it appears the more mainstream plugins have made the necessary changes, so their scripts don’t require modifying. It would be great if someone could confirm this?

    Assuming the above is true, what are people doing about the less mainstream plugins? Constantly modifying upon every update? Getting rid of the plugin and finding an alternative that supports Cookiebot?

    I’ve been running some tests on our own site… https://rapport-design.com/
    I can see that 4 cookie files are saved before consenting.
    One is listed as necessary, 2 are listed as marketing and _gali is the 4th one set, but doesn’t appear to be listed by Cookiebot.

    I’m guessing the Necessary one is OK to be set without breaking GDPR.
    I’m assuming the Monster Insights plugin that we use for Google Analytics isn’t compatible with Cookiebot and to avoid modifying repeatedly with every update, I should find an alternative solution for Google Analytics. This seems a bit crazy considering how mainstream Monster Insights is, but there are a lot of Google Analytics related Add-Ons showing up within the Cookiebot Prior Consent section.
    Can anyone clarify anything here?

    I’m wondering why other Necessary cookies aren’t showing up straight away and why all 16 aren’t appearing when I accept all cookies. I’m assuming this is because the Cookiebot report provides details of every Cookie file across the site, whereas my Home page tests will only work with the cookie files being loaded by the Home page. Confirmation would be great!

    Until I’m comfortable that I know how to properly use Cookiebot to be GDPR compliant and what works involved ongoing, I’m reluctant to push this service to any more clients.

    Any further information would be greatly appreciated.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Plugin Author cookiebot

    (@cookiebot)

    Hi @rapportdesign,

    I’ve been using Cookiebot since May 18 and signed up as a reseller, as we handle over 100 WordPress websites.

    Despite the annoying monthly fees, it seemed like an automated solution to a confusing area of website development, which would save enough time to easily cover the Cookiebot fees.

    Which fees are you talking about? The subscription fee, or?

    After some further reading, it appears the more mainstream plugins have made the necessary changes, so their scripts don’t require modifying. It would be great if someone could confirm this?

    Assuming the above is true, what are people doing about the less mainstream plugins? Constantly modifying upon every update? Getting rid of the plugin and finding an alternative that supports Cookiebot?

    Some mainstream plugins claim to comply with the GDPR, some don’t. Nonetheless, you still need to inform your users about all tracking going on, through a cookie banner or similar.

    Your best option is to use our Addons, which you can read more about here: https://github.com/CybotAS/CookiebotAddons

    The addons are a free contribution from Cookiebot to the community. They will help you not having to manually change the code of other plugins. If we are missing a plugin, you can create an issue on the Github page, and we’ll have a look at it. To find the addons, go the to “Prior consent” menu tab of the Cookiebot plugin.

    We have reached out to WordPress, to get a more permanent solution, but no progress so far: https://core.trac.wordpress.org/ticket/44043

    I’m guessing the Necessary one is OK to be set without breaking GDPR.
    I’m assuming the Monster Insights plugin that we use for Google Analytics isn’t compatible with Cookiebot and to avoid modifying repeatedly with every update, I should find an alternative solution for Google Analytics. This seems a bit crazy considering how mainstream Monster Insights is, but there are a lot of Google Analytics related Add-Ons showing up within the Cookiebot Prior Consent section.
    Can anyone clarify anything here?

    MonsterInsights does integrate with Cookiebot, no code changes required. You need to get their eu-compliance addon:

    https://www.monsterinsights.com/addon/eu-compliance/

    I’m wondering why other Necessary cookies aren’t showing up straight away and why all 16 aren’t appearing when I accept all cookies. I’m assuming this is because the Cookiebot report provides details of every Cookie file across the site, whereas my Home page tests will only work with the cookie files being loaded by the Home page. Confirmation would be great!

    That is correct. Cookies are set on different pages. The cookie report that we provide will give you more details on which pages they were found.

    • This reply was modified 8 months, 2 weeks ago by cookiebot.
    • This reply was modified 8 months, 2 weeks ago by cookiebot.
    • This reply was modified 8 months, 2 weeks ago by cookiebot.

    Hi there,

    Thanks for your reply… Things are becoming clearer.

    Yes, I was referring to the subscription fee.
    It didn’t exactly go down well, trying to sell a monthly subscription fee for a cookie popup that drives most people mad.

    My main concern is cookie files being stored before consent.

    Rather than trying to keep track of what plugins are GDPR compliant or not, I was lead to believe that Cookiebot would just handle that issue for me. I realise that may be asking the impossible and was due to my misunderstanding of the documentation.

    I’ve just been reading the information on https://wordpress.org/plugins/cookiebot/ and it seems to have moved on a bit since I last checked it. It seems I’m right and there is no easy solution to this… There’s still a fair bit of work to do for each site, despite paying for Cookie Bot.

    This article has cleared up my confusion about the necessary cookies…
    https://support.cookiebot.com/hc/en-us/articles/360004104033-What-does-prior-consent-mean-and-how-do-I-implement-it-

    I’d spotted the Cookiebot Add-ons, but it wasn’t obvious how they work. It appears to be an automatic process. I have two listed as available and both are auto enabled. One relates to a plugin in use and Embed autocorrect appears not to be plugin related and just covers general site functionality.

    “If we are missing a plugin, you can create an issue on the Github page, and we’ll have a look at it.”
    We use 147 different plugins across our sites, with each site averaging about 30 plugins. I’m trying to establish the most efficient way to keep on top of all this.

    Initially, I’d planned to just check that the cookie files aren’t set until I consent. This doesn’t seem practical because not all cookies would be loaded on the home page, so multiple page test per site would need to take place.

    I guess I need to contact all 147 plugin developers and ask if their plugin is set to block cookies until consent via Cookiebot? Tick of the ones that confirm and let you know about any others.

    What happens if I have a reply saying they are compliant and then it turned out an update to their plugin, has made it uncompliant. Who’s to blame? Am I responsible for getting reconfirmation from each developer after every update? Am I responsible for physically checking that the plugin doesn’t store a cookie file before consent, on each and every website, every time we do updates, which is pretty much daily?

    When reading up on GDRP initially, I’d read that Google Analytics was going to be a challenge, but Monster Insights would take care of it all for me. This sounded great until I realised it required the Pro Add On at $199 / year. I’d also read that if you block cookies until consent, you don’t need to worry about Google Analytics. This was one of the reasons the Cookiebot fees seemed so reasonable… In my opinion, they were already saving me $199 / year. A typical client won’t pay $199 / year for a GDPR compliant Google Analytics script on their website. Based on the fact you have 5 Google Analytic related add-ons, I’m guessing most people are just opting for a different solution. I can see Monster Insights losing a lot of active users by not making their free version GDPR compliant.

    Thanks for pointing out the “First found URL”, I had overlooked this and it will be extremely useful.

    Plugin Author cookiebot

    (@cookiebot)

    Yes, I was referring to the subscription fee.
    It didn’t exactly go down well, trying to sell a monthly subscription fee for a cookie popup that drives most people mad.

    It’s not free for us to deliver a SaaS solution to > 140K websites. We are using resources to scan your website, provide a banner that loads fast for your end users (with servers around the world), storage of consents, a state-of-the-art cookie scanner, finishing off with a monthly report + more. You are paying for a service. There are of course other free options.

    You, as the owner of a website, are responsible for all tracking going on, regardless if that tracking is coming from a 3rd party such as Facebook or Google (through plugins).

    We believe that the best solution for WordPress would be something in the lines of what we have proposed here: https://core.trac.wordpress.org/ticket/44043.

    It is not sustainable for you to update each plugin manually for all of your 100 websites. As you have probably realized by now, this is not Cookiebot’s fault. It seems that we are the only cookie plugin trying to help and solve the problem.

    So what can you do to help yourself? You could try to raise your voice in the different channels, e.g in WP’s #core-privacy Slack channel, or in the bug tracker.

    If you have developers, you are welcome to have them contribute to our Addons. It is also very easy to integrate with Cookiebot as described in our documentation.

    Apologies if my frustration has felt like it’s been directed at Cookiebot.

    I appreciate the benefits of this service and understand the costs associated, but it’s a tough one to convince the client.

    Thanks for your time.

    Plugin Author cookiebot

    (@cookiebot)

    @rapportdesign

    I appreciate the benefits of this service and understand the costs associated, but it’s a tough one to convince the client.

    As a reseller, you can offer your customers up to 20% in discount.

    Please read:

    https://support.cookiebot.com/hc/en-us/articles/360004976454-As-a-reseller-retail-model-can-I-offer-a-price-discount-to-my-customers-

    Moreover, if you haven’t bought in on why the GDPR and ePR are necessary, it will be hard for you to convince your customers to pay for their visitors security.

    We can highly recommend Shoshana Zuboff’s book “The Age of Surveillance Capitalism” which was published in English this January. It is a big work that took her 7 years to put together and it very thoroughly explains how we ended up where we are today – where everyone’s data and experiences are extracted as raw material and used for commercial purposes.

    • This reply was modified 8 months, 2 weeks ago by cookiebot.
    • This reply was modified 8 months, 2 weeks ago by cookiebot.

    The 20% will help cover the time I need to spend regularly monitoring each site.

    For those that want a quick insight into the book you’ve recommended, they may find this link useful. https://www.youtube.com/watch?v=Vo6K-bPh39M

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Still confused…’ is closed to new replies.