Jump to content

Concerned Squarespace doesn't comply with GDPR

Recommended Posts

Posted

So I've recently subscribed to Squarespace and have set up my website. However, it seems the cookies banner doesn't comply with GDPR, and even if I use the disable cookies option, this only includes 'non essential' cookies - so that doesn't comply with GDPR either.

Is there a workaround, or are Squarespace websites unsuitable for EU/UK websites as it can't comply with GDPR rules? 

  • 3 months later...
Posted

Same question here. Seems like there is no option for checkbox to enable/diable "essential", "marketing"-cookies etc.

Does anyone know what the best workaround is?

When will squarespace fix this? Seems like I have to switch to wix for the next project.

  • 3 months later...
Posted

Hi !

I have exactly the same issue. I knew pretty fast, that the cookie banner from squarespace wasnt sufficent for the EU Market. So i have a third part cookie blocker that was included in a package from it-rechtskanzlei münchen.  But that is even not enough, to use 3rd party cookie blocker. 

Today i had a video zoom meeting with the support and we found out, that squarespace doesnt allow, to implement the code as highest code injection. 

So thats really an issue. As they would need to create a plugin that squarespace would allow to integrate as first and highest code order. 


that is what my screenshot looks like.


for example typekit net and all other vendors should be in first code lines, before everything. 


So im still on it, and asked also the attorney company how to behave now, as squarespace is internationally offering their templates. Noone assumes not to use it, because you are in the EU.


729579014_Bildschirmfoto2022-09-19um12_31_17.thumb.png.9f117977dc92eb2e2a6384793848abdb.png

Posted

I am at the same point. I tried to solve with CCM19 (third party for cookie banner) but they tell me that since Squarespace is hosting in USA, I should not make use of it as this is a legal issue. Using the third party cookie banner is not enough, because even the typekit cookies and Squarespace cookies would send data to the USA before the user has the possibility to block those. Any idea how to solve this?

Posted

I have contacted all,
1) my supplier for the legal website content  for terms and conditions (it-rechtskanzlei)
2) squarespace
3) consentmanager.net

1) + 2) cannot help. Infact squarespace doesnt really understand this problem. My supplier for legal text content advices, either not use squarespace, or to risc it at own risc.

for the consentmanager who suuplies the cookie banner and blocker i am still awaiting for response. There is les chance however they can make up a plugin, that squarespace allows to skip their code before reading the page.

I have kindly but seriously pointed out, that squarespace actually could not be offered on the EU market, with this legal issue. Squarespace does not feel responsible, even though offering on the EU market.

Posted

Hi all!

For this, you need to use dedicated software that keeps up with the EU laws and regulations, and offers full compliancy (i.e. records of consent, a cookie consent manager).

I recommend CookieYes. There is a free version which fully blocks cookies (though you need to upgrade to store consent records).

CookieYes is compliant with GDPR and also the CCPA and other privacy regulations around the world. 

— Hannah 

Sisu Templates

A brand designer & strategist creating brands that bridge the gaps between artistry, strategy, and thoughtful consideration. Creator of Studio Founded, a digital resource library for purposeful business owners. 
💻 Shop Squarespace Templates
✍️ Curated Business Resources

🥰 Complimentary Downloadables
🤍 Bespoke Branding & Websites

Links in my posts may be affiliate links.

  • 3 months later...
Posted
On 10/1/2022 at 2:31 AM, sisutemplates said:

Hi all!

For this, you need to use dedicated software that keeps up with the EU laws and regulations, and offers full compliancy (i.e. records of consent, a cookie consent manager).

I recommend CookieYes. There is a free version which fully blocks cookies (though you need to upgrade to store consent records).

CookieYes is compliant with GDPR and also the CCPA and other privacy regulations around the world. 

— Hannah 

Sisu Templates

Hi Hannah,
I tried to install CookieYes, but couldn't find the free version.

It automatically sends me to put in my credit card details. 

Posted (edited)
On 1/19/2023 at 11:34 AM, evgen_kotelevskiy said:

I tried to install CookieYes, but couldn't find the free version.

CookieYes don't advertise the free option. You should be able to see it on this page although you'll need to upgrade to the basic ($10/£8 per month) option if you'd like to style the cookie banner (custom branding).

image.thumb.png.b57d916bac9878f26356ed9e8aa9059d.png

If you're looking at options, I recommend CookieScript as, in my opinion, it is easier to configure, and easier for site visitors to use.

Did this help? Please give feedback by clicking an icon below  ⬇️

Edited by paul2009

Me: I'm Paul, a SQSP user for >18 yrs & Circle Leader since 2017. I value honesty, transparency, diversity and good design ♥.
Work: Founder of SF.DIGITAL. We provide high quality original extensions to supercharge your Squarespace website. 
Content: Views and opinions are my own. Links in my posts may refer to my own SF.DIGITAL products or may be affiliate links.
Forum advice is completely free. You can thank me by selecting a feedback emoji. Buying a coffee is generous but optional.

Posted
On 1/19/2023 at 3:51 PM, paul2009 said:

CookieYes don't advertise the free option. You should be able to see it on this page although you'll need to upgrade to the basic ($10/£8 per month) option if you'd like to style the cookie banner (custom branding).

image.thumb.png.b57d916bac9878f26356ed9e8aa9059d.png

If you're looking at options, you may also want to take a look at CookieScript.

Did this help? Please give feedback by clicking an icon below  ⬇️

Thank you, @paul2009! I just installed it.

  • 8 months later...
Posted
On 9/28/2022 at 12:29 AM, LonniWong said:

I have contacted all,
1) my supplier for the legal website content  for terms and conditions (it-rechtskanzlei)
2) squarespace
3) consentmanager.net

1) + 2) cannot help. Infact squarespace doesnt really understand this problem. My supplier for legal text content advices, either not use squarespace, or to risc it at own risc.

for the consentmanager who suuplies the cookie banner and blocker i am still awaiting for response. There is les chance however they can make up a plugin, that squarespace allows to skip their code before reading the page.

I have kindly but seriously pointed out, that squarespace actually could not be offered on the EU market, with this legal issue. Squarespace does not feel responsible, even though offering on the EU market.

Have there been any changes to this situation that you'd be willing to share?

Posted
13 hours ago, Aurora said:

Have there been any changes to this situation that you'd be willing to share?

squaresquares respond on Nov 9th 2012 and my last contact on this topic:

"

Marty (Squarespace) 

9. Nov. 2022, 11:15 AM GMT-5 

Hi there,
 
Thanks for your reply. Squarespace is aware of EU laws related to the use of cookies and similar tracking technologies. Indeed, as you note, we have many Squarespace lovers in the EU who use our platform to create and maintain websites.
 
As you note, EU law requires website owners to take a number of key steps prior to placing non-essential cookies (essential cookies are also known as “strictly necessary” or “required” cookies) on EU visitors. It’s important to note that under EU laws and regulatory guidance, essential cookies may be placed on website visitors without obtaining consent. But websites that wish to place non-essential cookies must, through the use of a cookie banner (see here: https://support.squarespace.com/hc/en-us/articles/206545727), take the following minimum steps:
 
  • Provide clear and comprehensive information regarding the website’s cookie usage;
  • Which is prominently displayed and easily accessed on the website; and
  • Obtain consent from the website visitor to drop the non-essential cookies.
 
Unless our customers place third party cookie or similar tracking technology providers, Squarespace’s cookie banner enables our customers to comply with applicable EU and UK laws, including recent ICO guidance, with respect to the Squarespace platform cookies listed here: https://support.squarespace.com/hc/en-us/articles/360001264507-About-the-cookies-Squarespace-uses 
 
Our customers may restrict the placement of the Squarespace analytics and performance cookies listed on that guide until visitors click the confirmation message on your banner by following these instructions:
 
In the Home Menu, click Settings, and then click Cookies & Visitor Data.  
You may also disable Squarespace analytics cookies altogether by following the instructions here: https://support.squarespace.com/hc/en-us/articles/360001264507#toc-disable-analytics-and-performance-cookies.
 
EU law does not require you to restrict placement of, so our product does not enable you to disable, the strictly necessary Squarespace platform cookies. These essential cookies are listed here as functional and required cookies: https://support.squarespace.com/hc/en-us/articles/360001264507-About-the-cookies-Squarespace-uses#toc-functional-and-required-cookies
 
Please be sure to review our KB Guides at your convenience:
https://support.squarespace.com/hc/en-us/articles/360000851908 (GDPR and Squarespace)
https://support.squarespace.com/hc/en-us/articles/360001264507 (About the cookies Squarespace uses)
https://support.squarespace.com/hc/en-us/articles/360036134672 (Data Privacy and Squarespace)
 
We hope this information is helpful and thank you for your time.
 

Marty
Trust & Safety
"

Posted
9 hours ago, LonniWong said:

squaresquares respond on Nov 9th 2012 and my last contact on this topic:

"

Marty (Squarespace) 

9. Nov. 2022, 11:15 AM GMT-5 

Hi there,
 
Thanks for your reply. Squarespace is aware of EU laws related to the use of cookies and similar tracking technologies. Indeed, as you note, we have many Squarespace lovers in the EU who use our platform to create and maintain websites.
 
As you note, EU law requires website owners to take a number of key steps prior to placing non-essential cookies (essential cookies are also known as “strictly necessary” or “required” cookies) on EU visitors. It’s important to note that under EU laws and regulatory guidance, essential cookies may be placed on website visitors without obtaining consent. But websites that wish to place non-essential cookies must, through the use of a cookie banner (see here: https://support.squarespace.com/hc/en-us/articles/206545727), take the following minimum steps:
 
  • Provide clear and comprehensive information regarding the website’s cookie usage;
  • Which is prominently displayed and easily accessed on the website; and
  • Obtain consent from the website visitor to drop the non-essential cookies.
 
Unless our customers place third party cookie or similar tracking technology providers, Squarespace’s cookie banner enables our customers to comply with applicable EU and UK laws, including recent ICO guidance, with respect to the Squarespace platform cookies listed here: https://support.squarespace.com/hc/en-us/articles/360001264507-About-the-cookies-Squarespace-uses 
 
Our customers may restrict the placement of the Squarespace analytics and performance cookies listed on that guide until visitors click the confirmation message on your banner by following these instructions:
 
In the Home Menu, click Settings, and then click Cookies & Visitor Data.  
You may also disable Squarespace analytics cookies altogether by following the instructions here: https://support.squarespace.com/hc/en-us/articles/360001264507#toc-disable-analytics-and-performance-cookies.
 
EU law does not require you to restrict placement of, so our product does not enable you to disable, the strictly necessary Squarespace platform cookies. These essential cookies are listed here as functional and required cookies: https://support.squarespace.com/hc/en-us/articles/360001264507-About-the-cookies-Squarespace-uses#toc-functional-and-required-cookies
 
Please be sure to review our KB Guides at your convenience:
https://support.squarespace.com/hc/en-us/articles/360000851908 (GDPR and Squarespace)
https://support.squarespace.com/hc/en-us/articles/360001264507 (About the cookies Squarespace uses)
https://support.squarespace.com/hc/en-us/articles/360036134672 (Data Privacy and Squarespace)
 
We hope this information is helpful and thank you for your time.
 

Marty
Trust & Safety
"

Thank you for sharing!

Am I understanding this correctly — as long as we're not using other 3rd party services that place non-essential cookies, Squarespace's cookie banner is sufficient in complying with the GDPR, but as soon as we do, we need a 3rd party cookie banner?

Posted

you need to check how your 3rd party service is working on your side. you can check by inspecting your site.
i used 3rd party services, that i paid for and had meetings with to exactly discuss this how to block my site first.
At the end, You just need to decide with your understanding of secureing. They say its all correct from their side. 

However after i could show them a screenshot of my website, that my side has been fully loaded in the background, BEFORE people would decide to accept or not. So my 3rd party service wasnt able to block my site first because everything in the background was already fully loaded.

  • 1 month later...
Posted (edited)

Is there any update to the cookie-policy issue?

SS Personal plan does not allow any Code Injections to take use a third party cookie policy plugin (like cookiebot, cookie-script etc). This solution can not be used on Personal plan.

I'm really disappointed as I did my first site to a client and they are a club with low budget, so they chose the Personal plan and now we ran into this cookie issue (10 pages of site, with 15 cookies from marketing to strictly necessary) when the SS cookie-policy pop-up is enabled, and without the pop-up, only 6 cookies.
 
SS - can you please allow using code for the cookie consent from different service provider to comply the GDPR requirements. Like to be able to activate cookiebot/cookie-script & similar service providers.
 
#cookies #gdpr
Edited by WonderingCode
more details
  • 5 months later...
Posted
On 1/26/2023 at 11:33 AM, evgen_kotelevskiy said:

Thank you, @paul2009! I just installed it.

Hi @evgen_kotelevskiy! I was just wondering, did you get it to work with CookieScript? I'm in exactly the same situation and don't really know how to proceed. I currently have Cookiebot and am considering whether I should switch to CookieScript...how has it worked out for you?

Create an account or sign in to comment

You need to be a member in order to leave a comment

×
×
  • Create New...

Squarespace Webinars

Free online sessions where you’ll learn the basics and refine your Squarespace skills.

Hire a Designer

Stand out online with the help of an experienced designer or developer.