| ▲ | rpdillon 12 hours ago |
| It's a site where they log in and we store a cookie. |
|
| ▲ | rendx 12 hours ago | parent [-] |
| "Strictly necessary cookies — These cookies are essential for you to browse the website and use its features, such as accessing secure areas of the site. Cookies that allow web shops to hold your items in your cart while you are shopping online are an example of strictly necessary cookies. These cookies will generally be first-party session cookies. While it is not required to obtain consent for these cookies, what they do and why they are necessary should be explained to the user." https://gdpr.eu/cookies/ |
| |
| ▲ | rpdillon 11 hours ago | parent [-] | | Right, and then the legal teams tell me they don't care, and we should put up the cookie banner anyway. I feel like you didn't read my original comment. | | |
| ▲ | sensanaty 10 hours ago | parent | next [-] | | That just means your legal team is lazy or incompetent. I work for a massive company that handles extremely sensitive PII and we don't have a cookie banner, because we don't need to have a cookie banner. GitHub doesn't have one, Gitlab doesn't have one. | |
| ▲ | kuschku 7 hours ago | parent | prev [-] | | I've built software used by EU governments, and we don't use a cookie banner for our login cookies either. If your legal team genuinely suggests that, it's likely your company uses the login cookies for some additional purposes. |
|
|
