My SellerDeck Account | Newsletter | Free Trial

Community and Knowledge Base

  #16  
Old 21-Dec-2017, 02:32 PM
graphicz's Avatar
graphicz graphicz is offline
Registered User
Join Date: May 2007
Full Name: Jonathan Chappell
Posts: 747
Thanks: 60
Thanked 102 Times in 81 Posts
Gdpr

Please read the above links and take what I say here without warranty express or implied, but...
GDPR is relatively straightforward and you can modify Sellerdeck/Actinic Desktop versions relatively simply to comply.

You need to:
1. Ask before you collect data.
2. Explain why you need the data
3. Look after the data
4. Don't share the data
5. Delete the data when asked
(If you want/need to share the data especially if you want to share it outside the EU you need to study the documents in depth and make appropriate decisions.)

Create a Privacy Policy along the lines of the link above and paste it into SD. You can paste it in addition into the Privacy Policy section of Terms and Conditions in Business Settings, or you can repace this by pasting into the Layout Code Privacy Policy Text.

In Page type Checkout Page 0 open the Layout 'Both Addresses address Fields RWD'
Comment out lines 112 and 113: (Moving in One Month RWD and Keep Details Private RWD


Copy the two layout expressions and paste them above 'Both Address Salutation RWD' line 89ish.


Open Responsive CSS, look for invoicePrivacy line 1230 and add a reference to inoviceMoving so it looks like this:
Code:
.content-area form .checkout label.rememberMeText, .content-area form .checkout label.invoicePrivacy, .content-area form .checkout label.inoviceMoving {width:85%; float:left;}
Design Text GoTo Phase 0 ID 15

Tick Show and Required of Invoice Privacy Check Status, and change Current Value to:
Code:
We do not share your data with anyone else, but we may email you from time to time with relevant information about our products and services. Please tick this box if you consent to this. <a href="info.html"><em>Privacy</em></a>
Design Text GoTo Phase 0 ID 13

Tick Show and Required of Invoice Moving Check Status, and change Current Value to:
Code:
To process and deliver your order we need to collect your name, address, email address and telephone number. Please tick here to consent to us doing this. If the box is unticked we will not be able to process your order. <a href="info.html"><em>Privacy</em></a>
You are now getting consent to collect data and to use the emails for newsletters etc. If you want to do more with the data best check the regulations yourself. We should ask if our payment processors and Mailchimp are GDRP as it is our responsibility if they collect/use data on our behalf.

Now we need to explain why we need the data.

At the bottom of the Responsive Outer Layout (or whatever is your outer layout) and before the </body> tag paste:
Code:
<script type="text/javascript" src="https://ajax.aspnetcdn.com/ajax/jquery.ui/1.10.0/jquery-ui.js"></script>
    <script>
$(function () {
    $(document).tooltip({
        content: function () {
            return $(this).prop('title');
        },
        show: null, 
        close: function (event, ui) {
            ui.tooltip.hover(

            function () {
                $(this).stop(true).fadeTo(600, 1);
            },

            function () {
                $(this).fadeOut("600", function () {
                    $(this).remove();
                })
            });
        }
    });
});
</script>
Note: If you use Fancybox this script will stop the title appearing under the fancybox large image in preference to displaying a tooltip. It is better here to use a blockif"<actinic:variable name="PageType" /> == 'Checkout Page 0'" round the JS code.

At the bottom of Javascript Header Functions paste this:
Code:
<link href="http://ajax.aspnetcdn.com/ajax/jquery.ui/1.10.0/themes/black-tie/jquery-ui.css" rel="stylesheet" type="text/css" />
At the bottom of Current Stylesheet paste:
Code:
  .red {
      color: red;
  }
You then need four bits of code to add popups to the respective checkout inputs:
Code:
title="<span class='red'>To process and deliver your order we need to collect your name. <a href='info.html'><em>Privacy</em></a></span>"

title="<span class='red'>To process and deliver your order we need to collect your address. <a href='info.html'><em>Privacy</em></a></span>"

title="<span class='red'>We need to collect your email address to communicate with you about your order. <a href='info.html'><em>Privacy</em></a></span>"

title="<span class='red'>We need to collect your telephone number to communicate with you about your order. <a href='info.html'><em>Privacy</em></a></span>"
This is where these bits go:

Both Addresses Name RWD - the first input box change to read:
Code:
<label><actinic:block if="%3cactinic%3avariable%20name%3d%22InvoiceFirstNameRequired%22%20%2f%3e" ><span id="idINVOICEFIRSTNAMElabel" class="actrequired"></actinic:block><actinic:variable name="InvoiceFirstName" /><actinic:block if="%3cactinic%3avariable%20name%3d%22InvoiceFirstNameRequired%22%20%2f%3e" >*</span></actinic:block></label>
		<div class="InvoiceField">
			<input title="<span class='red'>To process and deliver your order we need to collect your name. <a href='info.html'><em>Privacy</em></a></span>" type="text" id="idINVOICEFIRSTNAME" name="INVOICEFIRSTNAME" size="30" maxlength="40" value="<actinic:variable name="InvoiceFirstNameOnline" selectable="false" />" tabindex="NETQUOTEVAR:TABINDEXINVOICEFIRSTNAME">
		</div>
Both Addresses Line 1 RWD - the first input box change to read:
Code:
<label><actinic:block if="%3cactinic%3avariable%20name%3d%22InvoicePrompt004Required%22%20%2f%3e" /><span class="actrequired"></actinic:block><Actinic:Variable Name="InvoicePrompt004"/><actinic:block if="%3cactinic%3avariable%20name%3d%22InvoicePrompt004Required%22%20%2f%3e" />*</span></actinic:block></label>
<div class="InvoiceField">
	<input title="<span class='red'>To process and deliver your order we need to collect your address. <a href='info.html'><em>Privacy</em></a></span>" type="text" name="INVOICEADDRESS1" size="30" maxlength="200" value="<actinic:variable name="InvoiceAddress1" selectable="false" />" tabindex="NETQUOTEVAR:TABINDEXINVOICEADDRESS1" />
</div>
Both Addresses Phone RWD - the first input box change to read:
Code:
<label><actinic:block if="%3cactinic%3avariable%20name%3d%22InvoicePrompt010Required%22%20%2f%3e" /><span class="actrequired"></actinic:block><Actinic:Variable Name="InvoicePrompt010"/><actinic:block if="%3cactinic%3avariable%20name%3d%22InvoicePrompt010Required%22%20%2f%3e" />*</span></actinic:block></label>
<div class="InvoiceField" >
	<input title="<span class='red'>We need to collect your telephone number to communicate with you about your order. <a href='info.html'><em>Privacy</em></a></span>" type="tel" name="INVOICEPHONE" size="20" maxlength="25" value="<actinic:variable name="InvoicePhone" selectable="false" />" tabindex="NETQUOTEVAR:TABINDEXINVOICEPHONE" />
</div>
Both Addresses Email RWD - the first input box change to read:
Code:
	<label><span id="idINVOICEEMAILlabel" <actinic:block if="%3cactinic%3avariable%20name%3d%22InvoicePrompt012Required%22%20%2f%3e" /> class="actrequired"</actinic:block> ><Actinic:Variable Name="InvoicePrompt012"/> <actinic:block if="%3cactinic%3avariable%20name%3d%22InvoicePrompt012Required%22%20%2f%3e" />*</actinic:block></span></label>
	<div class="InvoiceField" >
      <input title="<span class='red'>We need to collect your email address to communicate with you about your order. <a href='info.html'><em>Privacy</em></a></span>" type="email" id="idINVOICEEMAIL" name="INVOICEEMAIL" size="30" maxlength="255" value="<actinic:variable name="InvoiceEmail" selectable="false" />" tabindex="NETQUOTEVAR:TABINDEXINVOICEEMAIL" />
   </div>
These give popup boxes explaining why you need the data. Try it at http://www.webeg.co.uk/gdpr/

When you download the order and open the order in 'Orders' the boxes are ticked. The wording ideally needs changing and I think you might need Crystal Reports to do this, however you will know regardless of the caption that if the two boxes are ticked that consent is given.


If yu want them to appear in the customer email checkout the AUG page 127 http://portal.sellerdeck.co.uk/index...ed-user-guide1

All without prejudice, and without any warranty express or implied. Please satisfy yourself with the requirements laid out in the documents referred to in above posts.
__________________
Jonathan Chappell
Website Designer
SellerDeck Website Designer
Actinic to SellerDeck upgrades
Graphicz Limited - www.graphicz.co.uk

Last edited by graphicz; 04-Jan-2018 at 09:16 AM.. Reason: BlockIf JS for Checkout Page 0 if using Fancybox
Reply With Quote
The Following User Says Thank You to graphicz For This Useful Post:
saucysal (28-Dec-2017)
  #17  
Old 21-Dec-2017, 03:59 PM
brucet brucet is offline
Administrator
Join Date: Apr 2003
Full Name: Bruce Townsend
Posts: 954
Thanks: 57
Thanked 225 Times in 135 Posts
We recently published a blog article with some useful information:
http://www.sellerdeck.co.uk/2017/12/14/need-know-gdpr/

We will be following this up in due course with more tangible information relating specifically to our own products and services
__________________
Bruce Townsend
Ecommerce Product Manager
SellerDeck Ecommerce Solutions
Reply With Quote
  #18  
Old 28-Dec-2017, 09:54 AM
saucysal saucysal is offline
Registered User
Join Date: Oct 2004
Full Name: Sarah Mabbitt
Posts: 799
Thanks: 53
Thanked 34 Times in 28 Posts
SSL whole site?

I do not understand why an ssl certificate needs to be applied for the whole site. We have it applying to the registration/login system and to the Checkout. Customers do not enter any personal information anywhere else. Having it for the whole site messes up existing links in search engines and elsewhere. A couple of years ago I tried to set up an .htaccess file to redirect https to http and it broke the site each time - wasted a lot of time trying to get it to work and had to give up. I guess I will have the same problem with the reverse. I do not want to change to Sellerdeck 365 to get the .htaccess code that will work.

Sarah
Reply With Quote
  #19  
Old 29-Dec-2017, 11:49 AM
saucysal saucysal is offline
Registered User
Join Date: Oct 2004
Full Name: Sarah Mabbitt
Posts: 799
Thanks: 53
Thanked 34 Times in 28 Posts
Been reading up Google's Advice

I have today, orders being slack, been reading up on Google's advice, straight out of the horse's mouth, about ssl. They say that it must be installed on pages that handle customers' names, addresses, email addresses and telephone numbers, and passwords and any payment details. This means pages handling registrations, logins and Checkout. In Sellerdeck this can easily be done with a tick of a Checkbox. It does NOT say that the whole site needs to be in ssl.

Sarah
Reply With Quote
  #20  
Old 29-Dec-2017, 12:19 PM
graphicz's Avatar
graphicz graphicz is offline
Registered User
Join Date: May 2007
Full Name: Jonathan Chappell
Posts: 747
Thanks: 60
Thanked 102 Times in 81 Posts
Hi Sarah

Who are you hosted with? I will post some alternative http to HTTPS redirects that work. Heartinternet for example needs a particular code.

These are the redirects I use - uncomment the one (only one) you want to use:

Code:
## Write all pages to https: uncomment if wanted
#RewriteEngine On
#RewriteCond %{HTTPS} off
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

##OR

#RewriteEngine On
#RewriteCond %{HTTPS} !=on
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

## OR ##

#RewriteEngine On 
#RewriteCond %{SERVER_PORT} 80 
#RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

## OR ##

# Forcing HTTPS
RewriteCond %{HTTPS} !=on
# Pages to Apply
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

#EDIT: ***** Please note – if you’re on a Heart Internet server, you will need to use: ******
# All calls go to SSL
#RewriteEngine On
#RewriteCond %{ENV:HTTPS} !=on
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
It doesn't work if it is too high up the htaccess, it needs to be after pretty much everything else and before the 404/301 page redirects (after domain 301 redirects) like this:

Code:
# Turn on Expires and set default to 0 
ExpiresActive On 
ExpiresDefault A0 
## EXPIRES CACHING ##
<IfModule mod_expires.c>
ExpiresActive On
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType text/css "access plus 1 month"
ExpiresByType application/pdf "access plus 1 month"
ExpiresByType text/x-javascript "access plus 1 month"
ExpiresByType application/x-shockwave-flash "access plus 1 month"
ExpiresByType image/x-icon "access plus 1 year"
ExpiresDefault "access plus 2 days"
</IfModule>
## EXPIRES CACHING ##

# compress all text, js, css & html:
 AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css application/x-javascript 

<IfModule mod_deflate.c>
  # Compress HTML, CSS, JavaScript, Text, XML and fonts
  AddOutputFilterByType DEFLATE application/javascript
  AddOutputFilterByType DEFLATE application/rss+xml
  AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
  AddOutputFilterByType DEFLATE application/x-font
  AddOutputFilterByType DEFLATE application/x-font-opentype
  AddOutputFilterByType DEFLATE application/x-font-otf
  AddOutputFilterByType DEFLATE application/x-font-truetype
  AddOutputFilterByType DEFLATE application/x-font-ttf
  AddOutputFilterByType DEFLATE application/x-javascript
  AddOutputFilterByType DEFLATE application/xhtml+xml
  AddOutputFilterByType DEFLATE application/xml
  AddOutputFilterByType DEFLATE font/opentype
  AddOutputFilterByType DEFLATE font/otf
  AddOutputFilterByType DEFLATE font/ttf
  AddOutputFilterByType DEFLATE image/svg+xml
  AddOutputFilterByType DEFLATE image/x-icon
  AddOutputFilterByType DEFLATE text/css
  AddOutputFilterByType DEFLATE text/html
  AddOutputFilterByType DEFLATE text/javascript
  AddOutputFilterByType DEFLATE text/plain
  AddOutputFilterByType DEFLATE text/xml

  # Remove browser bugs (only needed for really old browsers)
  BrowserMatch ^Mozilla/4 gzip-only-text/html
  BrowserMatch ^Mozilla/4\.0[678] no-gzip
  BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
  Header append Vary User-Agent
</IfModule>
 
 ## Gzip compression
<ifModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>
 
# Set up caching on media files for 1 year (forever?) 
 <FilesMatch ".(flv|ico|pdf|avi|mov|ppt|doc|mp3|wmv|wav)$"> 
 ExpiresDefault A29030400 
 Header append Cache-Control "public" 
 </FilesMatch> 
 
# Set up caching on media files for 1 week 
 <FilesMatch ".(gif|jpg|jpeg|png|swf)$"> 
 ExpiresDefault A604800 
 Header append Cache-Control "public" 
 </FilesMatch> 
 
# Set up 7 day caching on commonly updated files 
 <FilesMatch ".(xml|txt|html|js|css)$"> 
 ExpiresDefault A604800 
 Header append Cache-Control "proxy-revalidate" 
 </FilesMatch> 
 
## Force no caching for dynamic files 
 <FilesMatch ".(php|cgi|pl|htm)$"> 
 ExpiresActive Off 
 Header set Cache-Control "private, no-cache, no-store,
 Header set Pragma "no-cache"  
 </FilesMatch>
 
Options +FollowSymLinks

RewriteEngine on

RewriteBase /

## force "www"

RewriteCond %{HTTP_HOST} ^domain\.co\.uk$ [NC]
RewriteRule ^(.*)$ http://www.domain.co.uk/$1 [R=301,L]
## Add if SSL
#RewriteCond %{HTTP_HOST} !^$
#RewriteCond %{HTTP_HOST} !^www\. [NC]
#RewriteCond %{HTTPS}s ^on(s)|
#RewriteRule ^ http%1://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

## remove 'index'

RewriteRule ^index\.(php|html?)$ http://www.domain.co.uk/ [R=301,L]

## 301 redirect alternate domain names 

RewriteCond %{HTTP_HOST} ^www.anotherdomain.co.uk$ [NC,OR]

RewriteCond %{HTTP_HOST} ^anotherdomain.co.uk$ [NC]

RewriteRule (.*) http://domain.co.uk/$1 [R=301,L]

## Write all pages to https: uncomment if wanted
#RewriteEngine On
#RewriteCond %{HTTPS} off
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]

##OR

#RewriteEngine On
#RewriteCond %{HTTPS} !=on
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

## OR ##

#RewriteEngine On 
#RewriteCond %{SERVER_PORT} 80 
#RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

## OR ##

# Forcing HTTPS
RewriteCond %{HTTPS} !=on
# Pages to Apply
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]

#EDIT: ***** Please note – if you’re on a Heart Internet server, you will need to use: ******
# All calls go to SSL
#RewriteEngine On
#RewriteCond %{ENV:HTTPS} !=on
#RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}


##Error Pages


ErrorDocument 401 /not-found.html

ErrorDocument 400 /not-found.html

ErrorDocument 403 /not-found.html

ErrorDocument 500 /not-found.html

ErrorDocument 404 /not-found.html


##To redirect the contents of a whole directory to another:

#RewriteRule ^subdirectory/(.*)$ /anotherdirectory/$1 [R=301,NC,L]

## Page redirects

#Redirect 301 /acatalog/old-page.html http://www.domain.co.uk/acatalog/new-page.html
The other thing that messes things up is that if you elect to have SSL on the whole site in business settings payment and security, Sellerdeck does NOT rewrite
Code:
<actinic:variable name="CatalogURL" />
to the secure form. So if you have coded any/many URLs with this variable they will break the padlock. Sellerdeck expect you to trawl through the site changing
Code:
<actinic:variable name="CatalogURL" />
to
Code:
<actinic:variable name="SSLCatalogURL" />
which can be a pain.

You cannot enter https in the non SSL bit of network settings but this is the workaround:

Tick SSL on login and checkout and complete the SL and non SSL parts of the network settings apropriately.

Export the network settings

Change to SSL on whole site in business settings.

Edit all the http in the exported network settings file to https and import.

All will now be well.

I have done this a few times now and lknow it to be so. Example network settings follow. To check for causes of broken padlocks use: https://www.whynopadlock.com/

EG:
Code:
HTTPPROXYMODE	0
HTTPPROXYADDRESS	
HTTPPROXYPORT	80
HTTPPROXYUSER	
HTTPPROXYPASSWORD	
FTPPROXYMODE	0
FTPPROXYADDRESS	
FTPPROXYPORT	21
FTPPROXYUSER	
FTPPROXYPASSWORD	
SCRIPTID	1
SCRIPTEXT	.pl
SMTPHOST	localhost
WEBSITEURL	https://www.webeg.co.uk/abc/
IGNOREPASSIVEERRORS	true
USERELATIVECGIURLS	false
PATHTOPERL	/usr/local/bin/perl
USEENHANCEFTP	true
FTPBUFFERSIZE	4
FTPCLIENTTIMEOUT	15000
FTPRETRYDELAY	3000
FTPKEEPALIVEINTERVAL	30000
FTPSILENT	false
FTPMAXRETRIES	3
FTPCONNECTTIMEOUT	25000
SMTPAUTHREQUIRED	false
SMTPUSERNAME	
SMTPPASSWORD	
COMPRESSIONPACKETSIZE	1024
COMPRESSEDUPLOAD	true
SSLCATALOGURL	https://www.webeg.co.uk/abc/acatalog/
SSLCGIBINURL	https://www.webeg.co.uk/abc/cgi/
SSLPATHFROMCGITOCATALOG	../acatalog/
SSLFTPHOST	ftp.webeg.co.uk
SSLFTPUSERNAME	webegxxxx
SSLFTPPASSWORD	xxxxxxxxxxx
SSLPATHTOCGIBIN	public_html/abc/cgi/
SSLUSEPASSIVEFTP	false
CATALOGURL	https://www.webeg.co.uk/abc/acatalog/
ONLINESTOREFOLDERNAME	acatalog
CGIBINURL	https://www.webeg.co.uk/abc/cgi/
PATHFROMCGITOCATALOG	../acatalog/
FTPHOST	ftp.webeg.co.uk
FTPUSERNAME	webegxxxx
FTPPASSWORD	xxxxxxxxxxx
PATHTOCGIBIN	public_html/abc/cgi/
USEPASSIVEFTP	false
FTPPATHFROMCGITOCATALOG
__________________
Jonathan Chappell
Website Designer
SellerDeck Website Designer
Actinic to SellerDeck upgrades
Graphicz Limited - www.graphicz.co.uk
Reply With Quote
The Following User Says Thank You to graphicz For This Useful Post:
saucysal (02-Jan-2018)
  #21  
Old 29-Dec-2017, 12:21 PM
graphicz's Avatar
graphicz graphicz is offline
Registered User
Join Date: May 2007
Full Name: Jonathan Chappell
Posts: 747
Thanks: 60
Thanked 102 Times in 81 Posts
Problem is people are being told to look for the padlock and not seeing it may be an issue. Also any newsletter signups or anything on an 'ordinary' page will be problematic.

Also, if SSL is selected for Checkout, Login and Account details pages, the Contact us page (http://www.webeg.net/abc/cgi/mf00000...CTION=SHOWFORM) will be loaded as http and therefore insecure. The input boxes will therefore attract the browsers' increasingly unsettling popup warnings.

Finally Barclays ran a TV advert through the Christmas season about internet fraud telling people to 'Look for the padlock', the suggestion being that if there is no padlock the site may be suspect:

https://www.youtube.com/embed/vO1HVvgQCWA

__________________
Jonathan Chappell
Website Designer
SellerDeck Website Designer
Actinic to SellerDeck upgrades
Graphicz Limited - www.graphicz.co.uk
Reply With Quote
The Following User Says Thank You to graphicz For This Useful Post:
saucysal (02-Jan-2018)
  #22  
Old 03-Jan-2018, 05:26 PM
Mantra Mantra is offline
Registered User
Join Date: Jan 2011
Full Name: Martin Nichols
Posts: 46
Thanks: 20
Thanked 4 Times in 3 Posts
Quote:
Originally Posted by brucet View Post
We recently published a blog article with some useful information:
http://www.sellerdeck.co.uk/2017/12/14/need-know-gdpr/

We will be following this up in due course with more tangible information relating specifically to our own products and services
Will the follow up also address requirements covering the use of cookies considered in your Knowledge Base article: http://community.sellerdeck.com/show...ghlight=cookie? with respect to GDPR Recital 30?

Martin Nichols
Reply With Quote
  #23  
Old 04-Jan-2018, 09:10 AM
brucet brucet is offline
Administrator
Join Date: Apr 2003
Full Name: Bruce Townsend
Posts: 954
Thanks: 57
Thanked 225 Times in 135 Posts
Martin

We are looking at all aspects of GDPR, including that one
__________________
Bruce Townsend
Ecommerce Product Manager
SellerDeck Ecommerce Solutions
Reply With Quote
  #24  
Old 04-Jan-2018, 03:56 PM
graphicz's Avatar
graphicz graphicz is offline
Registered User
Join Date: May 2007
Full Name: Jonathan Chappell
Posts: 747
Thanks: 60
Thanked 102 Times in 81 Posts
Cookie Banner

I thought I had posted a Cookie Banner code but it doesn't come up on search, so here it is:

This goes in the <head></head> section:

Code:
<style>
#asterix_cookie_widget .cookie-container {
    margin: 0 auto;
    overflow: hidden;
    padding: 6px 0;
    width: 100%!Important;
}

#asterix_cookie_accept {
	font-weight: bold;
	cursor: pointer;
	text-decoration: underline;
	color:blue;
}
#asterix_cookie_accept:hover {
	color:red;;
}
</style>
This goes immediately after the opening <body> tag:

Code:
<!-- Cookie Banner -->
<actinic:block if="%3cactinic%3avariable%20name%3d%22IsNotPreviewMode%22%20%2f%3e">
<div id="asterix_cookie_widget" style="display: inline; text-align: center; font-size: 13px; color:#313131;line-height: 140%; position: fixed; bottom: 0; right: 0; margin: 0; padding: 3px; background:#c0c0c0; border-top: 1px solid #000066; z-index: 100000; opacity: 0.9; filter: alpha(opacity=9);width:100%;">
    <div class="cookie-container" style="text-align:center;">
        <span>This site uses cookies to make it work and to collect analytics data. <a href="info.html">Find out more.</a></span>&nbsp;-&nbsp;<span id="asterix_cookie_accept" onclick="asterix_cookie_accept();return false;">OK - Carry on!</span><span id="asterix_cookie_wait" style="vertical-align: middle;" onclick="clearTimeout(asterix_cookie_timer);return false;">Please Wait</span>
  </div>
</div>

<script type="text/javascript">
//<![CDATA[
    var asterix_cookie_timeout = 0;
    var asterix_cookie_functions = [];
    var asterix_cookie_widget = document.getElementById('asterix_cookie_widget');
    var results = document.cookie.match('(^|;) ?asterix_cookie_widget=([^;]*)(;|$)');
    if (results) {
        if (1 == unescape(results[2])) {
            asterix_cookie_accept();
        }
    } else {
        window.onload = function () {
            for (var i = 0; i < document.links.length; i++) {
                var link_href = document.links[i].getAttribute('href');
                if ('privacy' != document.links[i].getAttribute('rel') && (!/^[\w]+:/.test(link_href) || (new RegExp('^[\\w]+://[\\w\\d\\-\\.]*' + window.location.host)).test(link_href))) {
                    var current_onclick = document.links[i].onclick;
                    document.links[i].onclick = function () { asterix_cookie_accept(); if (Object.prototype.toString.call(current_onclick) == '[object Function]') { current_onclick(); } };
                }
            }
        };
    }

    var asterix_cookie_timer;
    if (asterix_cookie_timeout > 0) {
        asterix_cookie_timer = setTimeout('asterix_cookie_tick()', 1000);
    } else {
        var asterix_cookie_wait = document.getElementById('asterix_cookie_wait');
        if (null != asterix_cookie_wait) {
            asterix_cookie_wait.parentNode.removeChild(asterix_cookie_wait);
        }
    }
    function asterix_cookie_tick() {
        if (0 >= --asterix_cookie_timeout) {
            asterix_cookie_accept();
            return;
        }
        var asterix_cookie_accept_button = document.getElementById('asterix_cookie_accept');
        if (null != asterix_cookie_accept_button) {
            asterix_cookie_accept_button.innerHTML = 'Yes (' + asterix_cookie_timeout + ')';
            asterix_cookie_timer = setTimeout('asterix_cookie_tick()', 1000);
        }
    }


    function asterix_cookie_accept() {
        clearTimeout(asterix_cookie_timer);
        document.cookie = 'asterix_cookie_widget=1; path=/; expires=Mon, 18 Jan 2038 03:14:00 GMT';
        asterix_cookie_widget.parentNode.removeChild(asterix_cookie_widget);
        for (var i = 0; i < asterix_cookie_functions.length; i++) {
            asterix_cookie_functions[i]();
        }
    }
//]]>
</script>
</actinic:block>
<!-- End Cookie Banner -->
Without warranty express or implied.

Thank you
__________________
Jonathan Chappell
Website Designer
SellerDeck Website Designer
Actinic to SellerDeck upgrades
Graphicz Limited - www.graphicz.co.uk
Reply With Quote
The Following User Says Thank You to graphicz For This Useful Post:
Goz (04-Jan-2018)
  #25  
Old 04-Jan-2018, 04:10 PM
brucet brucet is offline
Administrator
Join Date: Apr 2003
Full Name: Bruce Townsend
Posts: 954
Thanks: 57
Thanked 225 Times in 135 Posts
Thanks Jonathan. Although it's worth being aware that GDPR is likely to make cookie popups obsolete, by transferring the responsibility for compliance from the site owner to the browser settings. See eg https://webdevlaw.uk/2017/01/10/cook...-announcement/
__________________
Bruce Townsend
Ecommerce Product Manager
SellerDeck Ecommerce Solutions
Reply With Quote
  #26  
Old 10-Jan-2018, 02:25 PM
Buzby's Avatar
Buzby Buzby is offline
Registered User
Join Date: Feb 2004
Full Name: Jason
Posts: 844
Thanks: 88
Thanked 36 Times in 32 Posts
Just read this

Quote:
Right to be forgotten

A big area for investment (of time and possibly money) is understanding what data you have and where it is. The GDPR gives a EU resident the right to see, have amended or delete all personal data held. This includes backups and archives, and the whole process from request to completion has to be audited/proved, and completed within 30 days. Failure to do so is classed as a major breach and will incur the fine of up to €20 million.
What about our Snapshots? it would seem we have to somehow remove data from past snapshots.
Reply With Quote
The Following User Says Thank You to Buzby For This Useful Post:
graphicz (10-Jan-2018)
  #27  
Old 10-Jan-2018, 03:11 PM
graphicz's Avatar
graphicz graphicz is offline
Registered User
Join Date: May 2007
Full Name: Jonathan Chappell
Posts: 747
Thanks: 60
Thanked 102 Times in 81 Posts
Indeed. Possibly just keeping the past three snapshots on an encrypted drive?

Help , troubleshooting, support backup gives the option to remove data but if the snapshot is for a company to backup incase of hardware failure/fire/theft the data must be on it.

I think we just have to destroy old snapshots?

We also need to explore how secure Dropbox/Google Drive is as up until now these are good, safe places to keep two or three current snapshots.
__________________
Jonathan Chappell
Website Designer
SellerDeck Website Designer
Actinic to SellerDeck upgrades
Graphicz Limited - www.graphicz.co.uk
Reply With Quote
  #28  
Old 11-Jan-2018, 01:14 PM
Buzby's Avatar
Buzby Buzby is offline
Registered User
Join Date: Feb 2004
Full Name: Jason
Posts: 844
Thanks: 88
Thanked 36 Times in 32 Posts
And how do you prove that you have removed someones data without showing them your database, and compromising others data?
Reply With Quote
  #29  
Old 12-Jan-2018, 09:16 AM
brucet brucet is offline
Administrator
Join Date: Apr 2003
Full Name: Bruce Townsend
Posts: 954
Thanks: 57
Thanked 225 Times in 135 Posts
Hi Jonathan and everyrone

We are still working towards publishing a statement. We are not reluctant to give information, just reluctant to give information that we haven't fully processed and understood, and cannot confidently defend. We don't want to be guilty of either scaremongering or complacency.

GDPR has to be held up alongside the impending ePrivacy regulations, which will inform and complement it. The key thing is to understand the legal basis on which you are processing personal information. If you can process customer information on the basis of legitimate interest, then the requirements are less stringent than if the basis is informed consent; although they are still a bit more stringent than at present.

It's complicated. Please give us a bit more time - thanks.
__________________
Bruce Townsend
Ecommerce Product Manager
SellerDeck Ecommerce Solutions
Reply With Quote
Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off



All times are GMT. The time now is 01:38 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.