GDPR Traps
-
Kadence Blocks is a really good plugin and a valuable enrichment for every Theme, but sadly it contains 2 very evil GDPR traps, because loading ressources from external (USA) servers without prior user consent is not allowed in Europe: https://gdpr-info.eu/
A) Using additional Google Fonts in Advanced Typography Settings:
Great feature, but these fonts are fetched from Google Server, which is a severe (and fined!) GDPR violation in Europe.
So, an option to load Google Fonts locally (like in Kadence Theme, but usable in every Theme) would be necessary in Kadence Blocks to comply with GDPR.B) Inserting Kadence “Google Maps” block works out of the box. But displaying the map on the frontend with pageload is also a GDPR violation out of the box.
To make Google Maps (or any other embedded service) GDPR conform, it needs a 2 step approach:
1.) No external server connection on simple pageload: Show only a local placeholder image or button (including an added GDPR warning and consent advisory)
2.) Only a click on the placeholder or button (= active user action as consent) loads the content from external server.
Maybe you could change something in this direction to make Kadence Blocks legally usable with all out of the box features in GDPR Europe too?
- The topic ‘GDPR Traps’ is closed to new replies.