TNG and GDPR
TNG version: | ≥ 12.0.1 |
TNG 12.0.1 adds the following in support of the General Data Protection Regulation (GDPR) for the European Union (EU)
- Data Protection Policy page
- Cookie Acknowledgement Popup
- Consent to capture personal information
which features are activated using the Admin >> Setup >> General Settings >> Privacy section:
Data Protection Policy
Option in General Settings/Privacy shows a link to a Data Protection Policy in footer and other locations. Policy exists in some language folders but not all. English version is shown if no translation for current language exists.
The file data_protection_policy.php is located in the language folder e.g. languages >> English-UTF8 (or English).
See the Customization - Translations section if you are going to customize the data_protection_policy.php file for localization. The file can be edited using an editor (like Notepad ++) and then saved back, but the original English file should be saved as a backup before replacing it.
Cookie Notification
Option in General Settings/Privacy displays a popup to all new visitors and asks them to acknowledge use of cookies. Cookie is used to remember acknowledgement and prevent the prompt from being displayed again for one year.
TNG 12.0.1 also adds a Cookie Acknowledgement popup.
Consent to Capture Information
Option in General Settings/Privacy prompts visitors to consent to personal data being stored on Contact/Suggest page and new user registration. Box must be checked before form can be submitted.
TNG 12.0.1 also adds a consent checkbox that the user must check to allow the capture of personal information when registering for a User ID, using the Contact Us form or submitting a Suggested Change
Customizations
This section of the wiki page explains how the prescribed texts of the Data Protection Policy and the Cookie Note can be changed and how you can adapt it to your own requirements.
Translations
NOTE: the language folder file of the data_protection_policy.php file should be a translation of the English TNG Data Protection Policy text and not a local interpretation of that policy. If you are going to use local interpretations of the policy then you need to rename the TNG distributed language file before replacing it with your own localization. You will also need to provide translations of the localization for all the languages you make available on your web site.
The following table provides download links to the original TNG UTF-8 language files until TNG 12.0.2
Language | Original TNG Files |
---|---|
English | 12.0.1-01 EN (Master) |
German | 12.0.1-01 DE |
Cookie Note texts
For the modification of the existing texts there is in your language folder e.g. languages >> English-UTF8 (or English) the file cust_text.php into which the changed variables can be entered.
Please pay attention, that the respective line/variable must be completely entered, otherwise it can lead to malfunction!
The text between the quotation marks (") can be changed:
- $text['cookieuse'] = "This site uses cookies.";
- $text['viewpolicy'] = "View policy";
- $text['understand'] = "I understand";
Change the layout of the Cookie box
The layout of the cookie box can be adjusted so that it corresponds to the selected TNG template.
Insert the following code (... adjusted accordingly) into the file mytngstyle.css. This file is located in each template folder (e.g. templates >> template12 >> css):
.cc_container .cc_btn {
background-color: #987e64 !important; /* button color */
color: #ffffff !important; /* button textcolor */
text-decoration: none !important;
}
.cc_container {
background: #383026 !important; /* box background */
color: #fdfdfd !important; /* box textcolor */
}
.cc_container a {
color: #b48a6c !important; /* linkcolor */
text-decoration: underline !important;
Example for template 12 (by using the code from above):
The TNG footer links can be tailored as follows to display the Imprint Link requirement:
- using the Custom footer message
- using the new User Footer Copyright GDPR mod
At the bottom of each page, in addition to the copyright notice of the programmer, an extra line will display the name of the owner / operator of the page and a link to the Data Protection Policy.
The name of the owner / operator of the website is registered in the admin area:
Setup >> Configuration >> General Settings >> Site Design and Definition.
If the field Site Owner (1.) remains empty, the Maintained by ... and the link to Data Protection Policy are not displayed in the footer (current status of TNG V12.0.1 on June 29, 2018).
To display additional information in the footer, the field Custom footer message (2.) can be used.
ATTENTION! Only from TNG V12.0.1 at the date of 06/25/2018, HTML commands should be used in this field! In older versions the use of HTML commands in this field generates a (repairable) total failure.
In this field you can, for example, enter a links to the Data Protection Policy and to an Imprint:
<a href="data_protection_policy.php" target="_blank">Data Protection Policy</a> | <a href="imprint.php" target="_blank">Imprint</a>
It will look like that:
The new User Footer Copyright GDPR mod adds a new Setup > General Settings > Privacy option to display the Imprint link. The new mod will allow:
- user copyright line would be generated when the $dbowner and $sitename fields are used
- Data Protection Policy and Imprint link line based on the Setup > General Settings > Privacy options
- custom footer message
The custom footer message could contain a site specific message, for example
<span class="blueemphasis">You are not authorized to add this page or any images from this page to Ancestry.com without including my copyright and a URL link to my web site.</span><br />Please read the <a href="user/privacy.php" class="footer">Roy and Boucher Privacy Policy and Terms of Use.</a>
The new mod footer would then look as follows
Related Links
EU General Data Protection Regulation (EU-DSGVO): Overview and Table of Contents
General Data Protection Regulation (GDPR)
Additional security measures
The following provide additional security measures:
Controlling Site Access
- Using tngrobots.php
- Robots txt
- How to setup a robots.txt file
- Bot Trap
- Htaccess
- Htaccess Deny
- Htaccess Rewrite
Protecting Resources
- Permissions Explained
- Database User
- Move your configuration files
- Move your backup files
- Move your gedcom files
- Overlaid Subroot how to recover from subroot.php overlay
- Prevent Directory Listing
- Protecting access log