Data Privacy and Consents
The Startup's Online Toolkit
The Startup's Online Toolkit
June 24, 2018

One thing about an unreleased side-project is that you can skip niceties like legal consents that get in your way. Like most engineers I generally see these things as a bit of a pointless hassle as nobody ever reads the text and just blindly clicks through. However, with public focus on the legalities of data privacy due to various scandals and the implementation of GDPR, the time for buying your head in the sand on this is passed.

The first thing I had to do was deal with cookie consents. Technically, this isn’t strictly necessary as linkalist relies on session cookies which expire when a user’s session is complete. However, we do use third-party tools like Google Analytics which use cookies so it is best to be sure about things. So ironically enough, I ended up implementing my first cookie to store the cookie consent since this should be gathered before the user has logged in.

The next step was to work out policies. My general policy with data gathering is that if I don’t need it, don’t gather it. And I personally consider it pretty not cool to abuse data I get. However, sadly, not everyone behaves this way, so it’s best to put some policies in place so everyone knows where they stand. Now, to do this with lawyers and all is going to be a fairly expensive process but luckily the people behind Wordpress are incredibly cool about their legal documentation so they make all of it available under a Creative Commons licences. So, a quick edit of the Wordpress T&Cs, Privacy Policy and Cookie Policy documents gets me to a point more than good enough for my purposes. The policy documents can easily be hosted on the standard linkalist landing page structure.

Finally, I needed to add in a popup to get positive acceptance of the Terms and Conditions along with specific consents for marketing emails just to be sure we have got proper permission to contact the customer. 

Because of the way linkalist works, all of this work translates into features available to client sites. It is obviously only fair that the legal documents that we got under a Creative Commons licence are made available to others under the same agreement. We have also added options to the Application Settings to allow the gathering of consents for various actions on all client Applications.