Hey guys,
I am currently writing a german privacy policy for a grav website and this is currently the only forum post (at least found by google) available.
I have a few questions which you guys could please verify:
- If I disable the session:
- I do not need any paragraph about session cookies, but I’d need one for external cookies like using google maps or so?
- Which features require the session to be enabled? The login plugin, but what else?
- What does grav actually log by default? It looks to me that there are only critical entries in my /log/grav.log, which do not contain user information, only programmatic issues.
- Should I still keep a paragraph about server logs, as my hosting service (netcup) is recording logs (I assume they do, need to check that)
- I will add a paragraph about the contact form
- I will add a paragraph for comments and ratings (which I will use)
- I found a default text paragraph about openstreetmap. But do I really need this? I’ve checked on my website and the leaflet javascript library does not seems to set any cookie for openstreetmap. This means I do not need to add it to the privacy policy? I am wondering why there was this text on some lawyer website, it seems not true.
- Is it a mistake to also add a paragraph about youtube, even though I am not (yet) using any youtube video, but maybe do in the future?