14 | | What you are proposing is to deviate from what has been legal, and considered best practices, for the last 16 years. You say that the new practice you want to introduce is an "enhancement", not a "bug". I am not going to get into a type tagging war, but in my eyes, ''CookieBot'' just adds another unneeded third party service that could potentially track my users in the computer systems where I am the controller. Since it does not do anything ''better'' than current best practices, I simply see no need for it, and I suspect that installing ''CookieBot'' would break the GDPR compliance with my site unless I am able to negotiate a Data Processor Agreement (me as controller, ''CookieBot'' as processor) that provides me with the controls and assurances I am, by law, required to have as a controller. As I see no utility for myself or my users for this service, negotiating such a DPA would of course be a waste of time. |
| 14 | What you are proposing is to deviate from what has been legal, and considered best practices, for the last 16 years. You say that the new practice you want to introduce is an "enhancement", not a "bug". I am not going to get into a type tagging war, but in my eyes, ''CookieBot'' just adds another unneeded third party service that could potentially track my users in the computer systems where I am the controller. Since it does not do anything ''better'' than current best practices, I simply see no need for it, and I suspect that installing ''CookieBot'' would break the GDPR compliance of my site unless I am able to negotiate a Data Processor Agreement (me as controller, ''CookieBot'' as processor) that provides me with the controls and assurances I am, by law, required to have as a controller. As I see no utility for myself or my users for this service, negotiating such a DPA would of course be a waste of time. |