Tweak privacy choices, do NOT save them in a cookie
Due to the EU GDPR you recently introduced the "privacy" choices when you log in.
Considering data minimization is a key point in it, the default preselected options must be the ones that keep the data at a minimum. So, perhaps change the defaults to off, instead of on.
But many websites don't care about this point.
Secondly, for god's sake, do NOT save those settings - that you only see when you login - in a cookie alone. That information is vital in a sense for the website to work correctly, so saving it on the account is justified.
Considering that when you have strict data privacy settings on your browser, the browser will delete that cookie when the browser is closed.
Ultimately meaning, each time the browser is started again and you log in to your account, you have to tick each preselection from on to off, then save again. That is incredibly tedious and most of all infuriating after a few days.
Please, for the sanity of others and mine, change at least one of these ASAP.
I heard back and unfortunately they said this solution can only work with client side cookies and there isn’t a way to reliably store this server side.
Correct, there isn't a way to save the values to our database, then restore them via the cookies needed by the popup. I inquired with our provider and they indicated the user needs to interact with the popup and its not something we can set programmatically. The user must opt in or out themselves. I understand what you're saying, but unfortunately resetting the Trakt cookies on each sessions isn't a common use case. I also asked about the default values and our provider indicated the popup is acceptable as it is.
What. You cannot save the settings (not the ad cookies themselves) on the user in your DB? Are you joking?
Twitter gets it right. Take that as an example how it's done.
Sure, the vendors and advertises don't fucking care about GDPR. Shocker.
Yet again, you are still violating the GDPR by pre-selecting the settings to collect and save anything. Reverse the choices to the minimal settings by default as it has to be.
Oh, you lose revenue if you change that, you say? Well, shit. That's not my problem, take that up with the EU or block EU users or use advertises that are compliant with EU GDPR...
After almost 5 years logging in almost daily, this tiny fucking modal is one main reason why I only log in once in a while anymore. IT'S THAT AGGRAVATING.
If you have the information saved on the account you can set the cookie accordingly when a user logs in. There's no need to rely on the information only in a cookie that is destined to be removed sooner than later.
I'll talk more with our providers, but I believe using client side cookies is a requirement for a lot of these vendors and advertisers. They use the consent cookie to tailor their service. That's my understanding at least. I'll let you know if I hear any additional info.