Highlighted

GDPR compliance of Muse widgets?

Participant ,
May 15, 2018

Copy link to clipboard

Copied

Hi there,

since the European GDPR takes effect on May 25th all our websites should include the new privacy text. One item is whether there are any third party requests running from our websites. My client checked her site (done by me with Muse) and found 24 third party requests. Now the question is, are they GDPR compliant?

The site of my client is www.petra-halfmann.de and here is the report from cookie-checker.com: Petra-halfmann.de uses 0 cookies - Cookie-checker.com

Thank you in advance,

Janne

Views

1.1K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more

GDPR compliance of Muse widgets?

Participant ,
May 15, 2018

Copy link to clipboard

Copied

Hi there,

since the European GDPR takes effect on May 25th all our websites should include the new privacy text. One item is whether there are any third party requests running from our websites. My client checked her site (done by me with Muse) and found 24 third party requests. Now the question is, are they GDPR compliant?

The site of my client is www.petra-halfmann.de and here is the report from cookie-checker.com: Petra-halfmann.de uses 0 cookies - Cookie-checker.com

Thank you in advance,

Janne

Views

1.1K

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
May 15, 2018 0
LEGEND ,
May 15, 2018

Copy link to clipboard

Copied

The regulations are NOT just for websites.

You have posted your clients email address on the site, that means your client should comply with the regulations for any contacts she has received.

As for the 24 3rd party requests, you will have to contact the receivers of those requests to ensure they are compliant. Also the simple fact that those requests are made via your clients site, also means that if any of those 24 3rd party requests require compliance, then your client will also have to ensure compliance is met by those 3rd party requests, as the requests are via your clients site, and that makes your client responsible.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 15, 2018 0
Participant ,
May 15, 2018

Copy link to clipboard

Copied

I know about the many other regulations, but this was not my question.

My question is about the 3rd party requests. I don´t know what they are. Most links say http://museengine.parseapp.com/loader.js . I wonder what they are?

Another link is http://musecdn.businesscatalyst.com/scripts/4.0/jquery-1.... which is clearly a Muse thing and another link is https://use.typekit.net/ik/8DBjsOxG0CQja9zOMmuCI8uOKGxgPv... which means that the request comes from Adobe.

I hope someone with inside knowledge will help me soon!

Thank you, Janne

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 15, 2018 0
Participant ,
May 16, 2018

Copy link to clipboard

Copied

I still wait for an answer from Adobe!!

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 16, 2018 0
May 21, 2018

Copy link to clipboard

Copied

Hey Marianne,

I am checking with our product team for your query.

Will update you with the received information shortly.

Regards,

Ankush

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 21, 2018 1
Most Valuable Participant ,
May 22, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/Marianne+Reuter  wrote

I know about the many other regulations, but this was not my question.

My question is about the 3rd party requests. I don´t know what they are. Most links say http://museengine.parseapp.com/loader.js . I wonder what they are?

Another link is http://musecdn.businesscatalyst.com/scripts/4.0/jquery-1.... which is clearly a Muse thing and another link is https://use.typekit.net/ik/8DBjsOxG0CQja9zOMmuCI8uOKGxgPv... which means that the request comes from Adobe.

I hope someone with inside knowledge will help me soon!

Thank you, Janne

museengine is a widget preloader file

the cdn is a script... "default fallback" in case the user has an old IE browser it will kick in and allow some part of the page to still load so they don't just get a blank page

and the typekit is looking for your lic to use that font... you can remove this by only using websafe fonts if you want it gone and you may need to refesh your site afterwards to clear it because you have a 3rd party host server

the link that your 3rd party tool mised is the amazon links

p.s, nice design mate!

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 1
Participant ,
May 22, 2018

Copy link to clipboard

Copied

Thx, Ussnorway for your approval and the helpful insight. … So it seems that the cdn script checks users´ browsers and should be mentioned in my privacy text? I wonder why Adobe doesn´t provide those default texts on their website.

I detected the museengine parts. They come from a Musegrid widget. I already wrote to them but got no answer.

I also wrote to Typekit and got no answer either. I found a privacy text on the web though and copied it.

I guess we can´t help the GDPR requirements. But what really annoys me is the fact that those big companies like Adobe don´t care a shit to give their customers a helping hand in providing default privacy texts. It costs my precious working time to write to them all and beg for their declarations. And only a small percentage demean themselves to answer me. Adobe btw. isn´t amongst them!

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 0
Participant ,
May 22, 2018

Copy link to clipboard

Copied

Thx Ankush! Hopefully they listen to you ...

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 0
Most Valuable Participant ,
May 22, 2018

Copy link to clipboard

Copied

https://forums.adobe.com/people/Marianne+Reuter  wrote

and should be mentioned in my privacy text?

I don't think so but I'm a coder that knows a little law not a lawyer that knows any code

The host server (that holds the website files) gets a request from the users browser to load your page

Normally this request includes the browser id from the user i.e, I'm a firefox browser or I'm internet explorer 11 then the host server sends the files under the basic script

However if the browser happens to be a very old browser OR refuses to tell the host server what it is then this fall back is what gets used... Because even if the browser is not known we do know that the older file types will work

Imo this system doesn't breech the rules because it allows the user to hide their browser id and still get the files... Perhaps older versions that don't work as well but that is the price they pay to be anonymous

p.s, I don't see how Adobe, you or I can talk about GDPR requirements when the new rules are so vague but I wasn't asked by the powers to give my advice... not that I would have been interested in such a pointless bugger up

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 1
Participant ,
May 22, 2018

Copy link to clipboard

Copied

Thank you, Ussnorway – your coder insight really helps me a lot! So it seems the widget´s request gets the information from my host. And the fact that the host is collecting IP data, is already dealt with in common privacy texts. Sounds as if I don´t have to mention those other sources ...

Still hoping to get an answer from Adobe as well, though ...

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 0
LEGEND ,
May 22, 2018

Copy link to clipboard

Copied

The GDPR requirerments are nothing to do with the browser, but all to do with what information is collected, stored and/or used by anything connected with your site, (3rd party or not) and as far as the EU regulations are concerned that is the responsibility of the site owner, who will refer any complaints to you as the site creator, and de-facto expert.

If you are using any widgets, then the widget creators are the only ones who can tell you what steps they are/have taken in order to meet the regulations. No one is going to go through the entire code of a site you created just to check what is happening. The one good thing is that the html and css will not be passing on or storing any information, as this requires javascript or server-side code.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 0
Participant ,
May 22, 2018

Copy link to clipboard

Copied

@piziecina: So to your opinion it´s the widget creators who should answer to it? And these are the ones who keep silent.

Sorry, guys, but I am a designer, no coder and to me it seems that everyone tells me something else. Whom shall I believe? And neither Adobe nor Musegrid get back at me.

Not the wiser,

Janne

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 0
LEGEND ,
May 22, 2018

Copy link to clipboard

Copied

Yes, the widgets are the main unknown when it comes to compliance, mainly because only the creators know what information they are collecting, or what they are doing to ensure any information collected is safe.

As I said, one could go through the javascript code but that would be an extremely long job, and one unlikely to be carried out by anyone else due to the time involved in doing so. Also if any of the widgets connect to a server that is supplying the information to your site is using server-side code to do so, then it is impossible for anyone to check what information is being collected, (by you or anyone else in this or any other forum) except by the owners of that/those servers, as server-side code cannot be examined in a browser.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 0
Participant ,
May 22, 2018

Copy link to clipboard

Copied

I chatted with muse grid and they told me their widget doesn´t collect any data.

So what remains is http://musecdn.businesscatalyst.com/scripts/4.0/jquery-1.8.3.min.js Anyone who can tell me something about?

As for typekit I already found a text in the web that I´ll copy.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 0
LEGEND ,
May 22, 2018

Copy link to clipboard

Copied

JQuery is a javascript abstraction layer, that makes writting javascript easier, and it collects no data.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 0
Participant ,
May 22, 2018

Copy link to clipboard

Copied

Thank you, pziecina! I´ll tell this to my client and hope she is contented with this information.

Likes

Translate

Translate

Report

Report
Community Guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
Reply
Loading...
May 22, 2018 0