The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy. When creating and running a website in the EU, this should be conform the GDPR. The use of cookies is one example that has to be in line.



NEW: Data Protection menu

We have added a Data Protection menu, where you can select the data protection settings for your website. You can find this in inCMS in the left menu: Settings -> Data protection. 

With this new menu we have developed an integrated solution with an Information & Consent Banner. You can enable this banner to inform website visitors about data protection and privacy on your website. You now also have the possibility to offer your website visitors the option to enable/disable certain features themselves. This new data protection menu enables you to make all the settings exactly as you like, and, if needed, to customize them differently for each feature. 

  


By default all settings are set to “enable” (this is the same as how it was in the past). Per topic (for example statistics, Google Fonts, use of YouTube videos, etc.) you can select your preferred settings. How to do this and which effect this has will be explained in more detail below. We recommend customers to make their own decisions regarding this topic, as each website is different. 

 

Banner & Appearance

When ticking the box “Declare”, your website visitors will see a banner, which gives general information about inCMS, data protection and cookies. Under Appearance you can change the lay-out of the banner (light or dark color scheme, position on the screen, etc.). Here you can also change the banner text content and the button texts (click on the link “edit text contents”). You will have tabs to change/define the text for each of your website languages. In the text you can add a link to, for example, a page or document on your website with your privacy policy.



When you have ticked only the Banner declare tick box, the banner will be very short and simple (see screenshot), giving information on just inCMS.



Checkboxes

The banner will contain one or more checkboxes. You can decide whether you want these checkboxes to be checked already, or whether the website visitors should check them actively themselves (by leaving them unchecked). The 3rd option "check on agree" will mark all checkboxes as checked when a website visitor clicks the accept button. Important: when you choose this option, this should be clear for the website visitor. Rename the button to, for example "Select all and agree".  



Link to re-open the Banner

A website visitor will see the banner during his first website visit. When you change the data protection settings, it will be shown again. A website visitor will not see the banner during next visits (when you haven't made any changes). 


To give your website visitor the chance to re-open the banner, reread the information, and/or change his consent settings, you can insert a link in your website. You can do so in the footer of your website, on a subpage discussing data protection, or on any other place. To do this, add or edit for example a text element. Select the relevant text and click on the 'link' symbol in the editing menu. Select the option "#showdataprotection" as link. Click "ok" and "save". When a website visitor clicks this link, the banner will be shown again and your visitor can reread the text and/or make consent changes.



Statistics (Matomo / Piwik)

Matomo (Piwik) is website analytics software. inCMS uses this to track info on for example the number of visitors of your website. The tool uses anonymized IP-addresses and the data is also stored anonymously. Matomo / Piwik is available for all types of inCMS Websites. 

 

There are four options to choose from in the data protection menu:

  • Enable: your website will use the statistical info.

  • Enable and declare: your website will use the statistical info and your website visitors will be informed about this in the banner.

  • Require consent to enable: the banner will show Statistics in the banner, but with the tickbox unticked. Only when a website visitor ticks the tickbox, will this feature work. Note: with this option your statistics will not be 100% correct, as it will track website visitors who give consent, but it doesn’t track website visitors who don’t give consent (and you will not know their number). 

  • Disable: your website won’t collect and store the data and you won’t be able to see your website statistics. Old data will still be stored.

 

When you want to delete historical statistical data, click the link “Delete all tracked data”. Be careful! This cannot be undone and your historical data will be removed permanently. 



Note: when you are logged into the website and want to test the Cookie-Banner, you will have to do so in an Incognito window. The Piwik message will not be shown in a ‘normal’ window, when you’re logged in at the same time. This is because your own website visits are not counted in the statistics. 

 

Fonts (and Google Fonts)

When you use a Google Font, your website connects with Google Fonts (and thus with Google Servers) to display all non-standard fonts correctly. It then loads the required web fonts in the visitors browser cache. 

Just as with the statistics, you can choose out of 4 options: enable, enable and declare, require consent to enable and disable. These options will work in a similar way as with the Statistics. You can try a setting and then test what the banner looks like and how the website will function. 

 

When you use Google Fonts and you have set the font data protection settings to ‘disable’, a website visitor will see your website displayed in a default font. 

 

If you don’t want your website to connect with the Google servers, you can choose a system font (for example Arial). Alternatively, you can download and install a Google Font on your website (self-hosted).

For more information, see:

https://support.swissmademarketing.com/en/support/solutions/articles/3000094733-add-new-font


3rd Party Contents

In this section you can make the settings for website features that are included in inCMS, but provided by or dependent on 3rd parties: YouTube and Vimeo videos, Facebook and Disqus. For each of these features you have 3 options:

  • Enable 

  • Enable and declare (in the banner)

  • Require consent to enable (in the banner, the content will only work when a website visitor has given consent by ticking the relevant tickbox)

 

When, for example, you’ve chosen “require consent to enable” for YouTube and a website visitor hasn’t given consent, your YouTube videos won’t be shown. Instead the visitor will see a grey box with the text “YouTube requires your consent to work!” and a button to the Data Protection Settings. When the website visitor clicks the button, the banner will be shown again. When the website visitor has changed his mind, he can tick the YouTube tickbox, click accept and now the video will be shown. 



There is no option ‘disable’ for the 3rd party contents. In case you would like to disable them, you’d best not add them into your website.

 

Global Scripts (Analytics, …)

When you use for example Google Analytics, Facebook Pixel, Google Tag manager, etc. you will want to add these to the data protection settings too. You can do so under the “Global Scripts” part. We recommend you to add all global scripts here (even if you’d like to set the settings to ‘enable’), so you can keep a good overview. Once you’ve added a script here, you don’t need to add it to another part of the website anymore.

 

For each feature you have 3 options: enable, enable and declare, require consent to enable. Again, there is no option ‘disable’. In case you would like to disable, you’d best not add this feature into your website.

 

To add a script, click “add”. A menu appears. 

Under the tab “Global Script” you have to enter:

  • Name: name for the script

  • Regulation: If you’d like to enable, enable and declare, or require consent to enable the script

  • Position: if you’d like to add the script to head, body begin or body end. For most scripts, you will have instructions which of these options to use. If not sure, we recommend you to use body end. 

There will be another tab for each language. Here you will have to enter:

  • Description: here you can describe, for example, what data will be saved, why this will be saved and for how long it will be saved. This text will be shown in the banner (the same way as the extra info on inCMS in general is shown).

  • Code / snippet: here you need to add the script code in format <script>ADDCODE;</script>



Custom Contents (for Sourcecode Module)

It might be that you have added custom content through our Sourcecode Module, for example if you use a Wistia video or Google Maps map. Features that require declaration or consent in the data protection banner, can be added to the banner using this part of the data protection menu.

 

For each feature you have 2 options: enable and declare, or require consent to enable. There is no option ‘enable’. When you have a feature on your website, using the Sourcecode module, and you haven’t added it here in the Custom Contents list, it is basically set to ‘enable’ (it works and the website visitor won’t be informed about it in the banner).  Again, there is no option ‘disable’. In case you would like to disable, you’d best not add this feature into your website.

 

To add a Sourcecode module feature, click “add”. A menu appears. 

Under the tab “Custom content” you have to enter:

  • Name: name for the feature (you can choose a name yourself, for example ‘Google Maps’ or ‘Wistia videos’)

  • Regulation: If you’d like to enable and declare, or require consent to enable

There will be another tab for each language. Here you will have to enter:

  • Description: here you can describe, for example, what data will be saved, why this will be saved and for how long it will be saved. This text will be shown in the banner (the same way as the extra info on inCMS in general is shown).

 

If you’ve chosen the option ‘enable and declare’, you don’t need to do anything else. 

 

If you’ve chosen the option ‘require consent to enable’ you will need to do one more thing: once you have saved the data protection settings, you can go to your webpage with the relevant sourcecode module. Now you can either add a module with the required content or edit an existing module. The sourcecode module has now a tab “settings”. Under “require consent to enable” you can now see a list of names. These correspond to the name(s) you have used when adding topic(s) to the custom contents fields in the data protection menu. For example ‘Google Maps’ or ‘Wistia videos’. Note: it will only show the names of topics with data protection set to  ‘require consent to enable’.



Once you’ve created data protection settings for a feature/topic in the data protection menu, you can select it in any sourcecode module. This way you can use one topic for several modules (for example you only have to make the data protection settings for Wistia videos once, and can then assign the Wistia videos setting to all your relevant sourcecode modules by selecting this option in the sourcecode editing menu).

 

Cookies

inCMS uses only a minimum of cookies: only there and then when it’s necessary to run (parts of) the website. Cookies are used for:

  • Login part of Member Pages (to save the logged in visitor)

  • Pop-Up Module (so a website visitor will not see the popup again and again)

  • Timer-Flexies (to save the counter start time, linked to the first website visit)

The default banner text informs website visitors about this in more general terms. A visitor won’t be able to disable these features, as these are required to have the website working well. This is in line with law and regulations.

 

Old EU Cookie Law Module

In the past you could add an EU Cookie Law Module to your website. With this module you would show a banner to inform website visitors that the website uses cookies. A visitor could click on a link to accept or to get more info. 

 

This EU Cookie Law Module is no longer needed, now we have developed the new data protection menu. As soon as you have clicked ‘save’ once in the new data protection menu, the old banner will not be shown anymore to website visitors. We still recommend you to delete the module from your website, as it’s no longer needed.

 

Questions

If you have any questions about the data protection menu or the explanation in this article, please contact our support at [email protected].