The EU's General Data Protection Regulation (GDPR) outlines a series of consumer protections that may affect your website. These include regulations that require your visitors' consent to use most cookies. Standard cookies such as Analytics, Analytics_VisitorID, and Language are created automatically by Evoq and cannot be disabled, but may fall under the GDPR's requirement for consent.
The information in this article should not be construed as legal advice. Your legal counsel should be consulted to determine whether your site meets all GDPR requirements.
- All versions of DNN and Evoq
- Portals that are accessible within the EU or by EU citizens
The GDPR requires that cookies that are not strictly necessary for site function require consent. Cookies that store language preference may be exempt from this, but any kind of cross-visit tracking cookies are not, and visitors need to consent to their use for your site to remain compliant.
Some of the cookies that are created automatically by an out-of-the-box DNN Evoq site may require consent from your visitors. For example, GDPR requirements specifically state that cookies used for analytics purposes require consent. Current versions of Evoq create two cookies that cannot be disabled, Analytics and Analytics_VisitorID, which are no longer used by our deprecated analytics platform as of Evoq 9+. Nevertheless, concerns have been raised in the past as to whether their name might cause them to be flagged in a GDPR audit. Your legal counsel should be consulted if you believe this might affect you.
The best solution is likely to err on the side of obtaining consent for all cookie activity. Luckily, there is a robust market of third-party modules that address cookie consent to meet GDPR compliance. These can be found by visiting the DNN Software Store.
You can find out more about the cookies that DNN creates automatically in the article called DNN Cookies and their Functions. It outlines the standard DNN cookies that are created when a user visits a DNN Evoq site.