GDPR and cookie banner with Paypal

[unbranched]

Hi,

I don't use any analytical/statistical cookies on my website, but when a user buys a product can use Paypal to checkout.

As far as I understand, I MUST add a cookie banner that can selectively block the installation of analytical/statistical cookies due to Paypal cookies.

I'm currently using the "EU Cookie Consent" module that links the above explanation in my privacy policy.

You can understand that this is not enough, so what can I do? Does the Cookiebot module handle this problem? If yes and if the user denies the consent, how the checkout page will be shown? Will the payment just fail?

I'd like to know some personal experience before considering to pay for Cookiebot. Are there any free alternatives out there, even js scripts that can be added?

Edited January 11, 2022 by unbranched

[haylau]

I use cookiehub.com - the free version.

It scans your website and shows you what cookies are there, and also has a good go at categorising them. You can then manually categorise each one also. So categorise the main paypal ones as essential for example which means the customer can not reject them, and categorise others as analytical or marketing

[unbranched]

"So categorise the main paypal ones as essential for example which means the customer can not reject them"

Ha! This totally kills the purpose of GDPR, never thought about this.

Better find another solution, anyway thanks for sharing!

[haylau]

2 hours ago, unbranched said:

Ha! This totally kills the purpose of GDPR, never thought about this.

 

No, it doesn't. It is recognised that certain websites need certain cookies to function. With such cookies an ecommerce website will not work. Therefore turning them off is not an option.

Your bank website needs coookies to ensure you are still logged in. So there is no option to not accept those.

Ecommcere websites need cookies to maintain the shopping cart and take payments, so there should be no option to not accept them

Certain types of cookies are exempt  from infomred consent based on the "strictly neceesary" exemtpion. I think it is more about PECR than GDPR:

https://www.cookieyes.com/cookie-consent-exemption-for-strictly-necessary-cookies/

That's my opinion anyway

[unbranched]

 Trust me, I would 100% agree with you if it was 1 week ago. The problem is that I just discovered I need to handle this Paypal thing because they use analitycs cookies when the user buys. That's the point of this thread.

So, sadly is not a necessary technical cookie anymore and I must give the user a choice. With your method you include all Paypal cookies included the analytics ones (unless cookiehub allows a more granular selection, I don't know), so I GUESS you're doing it wrong.

Thirtybees is an ecommerce software, I bet 90% of its userbase uses Paypal module, so I really wonder why I can't find other topics about this. Looks like a big priority to me.

Please tell me if I'm wrong, comments are welcome.

[DRMasterChief]

2 hours ago, unbranched said:

 ...because they use analitycs cookies when the user buys. .....

Hi, can you point to this at a Paypal website please?  Or any other official comment from Paypal?  We are also doing in Germany and maybe i can help with some information.

[unbranched]

8 hours ago, DRMasterChief said:

Hi, can you point to this at a Paypal website please?  Or any other official comment from Paypal?  We are also doing in Germany and maybe i can help with some information.

I know we need to be careful with internet sources, anyway my primary was this , that links to this Paypal page.

One other source is this, that shows a consequence of denying marketing cookies.

[unbranched]

Ok I spent too much time but I solved this with DIY... now my script handles everything. At least I don't have to pay those online services.

Would be great if TB will offer a more complex module to handle this GDPR complications.