Labs64/PluginPass

User consent before validation

Closed this issue · 6 comments

Show popup to ask an explicit confirmation from the user before executing NetLicensing validation request.

Consent popup form
Text:

By choosing "Agree" validation request will be sent to the Labs64 NetLicensing to verify valid use of the plugin or theme.
Personal data transferred with this request such as Unique Identifiers, Plugin and Theme Details, WordPress Instance Name, Domain Name, System Details of the data subject.

For more details on Labs64 NetLicensing data protection provisions visit Privacy Policy ( https://www.labs64.com/legal/privacy-policy/ ) and Privacy Center ( https://www.labs64.de/confluence/x/vQEKAQ )

Buttons: Agree / Cancel

Possibly even needed on first validation (in background) while calling PluginPass_Guard.validate().
User consent request can be enabled/disabled by adding a new parameter to the validate() function.

Once the user has accepted this, the consent timestamp should be stored in the database - concent_ts and not requested again until the user revokes this (new issue needed here) or the plugin is deregistered #15

Discussion notes from 16.07.19:
As the consent dialog is related to the UI, it is impossible to show it from within the vendor's plugin - UI in the vendor's plugin is undefined and may not even exist. Instead, we agreed to describe mechanisms for the vendor how to redirect to the PluginPass admin area where the dialog is implemented and consent can be collected. In all other cases of PluginPass_Guard use, if consent is not yet collected, calls to NetLicensing are to be silently skipped, and unsuccessful validation is to be returned (i.e. valid == false).
Appropriate sentence is required in the PluginPass ToS, that puts the responsibility for consent collection on the vendor.

Two events in the PluginPass plugin can be still considered:

  • PluginPass plugins table and click on the Validate link
    => ask for consent before sending the request to NetLicensing
  • PluginPass_Guard.validate() method
    => show banner in the admin area and ask a user to provide consent; fail validation without consent

TODO / @r-brown - add to the docs

I updated the Wiki and FAQ with consent information.
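
The fail-closed behaviour agreed in the discussion notes above (no NetLicensing call and valid == false until a consent timestamp is stored, and again after revocation or deregistration), as an added PHP sketch that is not PluginPass code. The class and method names, the in-memory array standing in for the database, and the callable standing in for the NetLicensing request are all assumptions.

```php
<?php
// Added sketch; ConsentGate and its methods are hypothetical, not the PluginPass API.
final class ConsentGate
{
    /** @var array<string,int> plugin slug => consent timestamp (stand-in for the database) */
    private array $consentTs = [];

    /** @var callable stand-in for the NetLicensing validation request */
    private $remoteValidate;

    public function __construct(callable $remoteValidate)
    {
        $this->remoteValidate = $remoteValidate;
    }

    // Called by the admin-area dialog when the user clicks "Agree".
    public function grant(string $plugin, ?int $now = null): void
    {
        $this->consentTs[$plugin] = $now ?? time();
    }

    // Called when the user revokes consent or the plugin is deregistered.
    public function revoke(string $plugin): void
    {
        unset($this->consentTs[$plugin]);
    }

    // Fails closed: without a stored consent timestamp no request is sent,
    // so no personal data leaves the site, and the result is valid == false.
    public function validate(string $plugin): array
    {
        if (!isset($this->consentTs[$plugin])) {
            return ['valid' => false, 'consent_required' => true];
        }
        $ok = (bool) ($this->remoteValidate)($plugin);
        return ['valid' => $ok, 'consent_required' => false];
    }
}

// Constructed demo: count outbound calls to confirm none happen without consent.
$calls = 0;
$gate = new ConsentGate(function (string $plugin) use (&$calls): bool {
    $calls++;
    return true;
});
var_dump($gate->validate('demo-plugin'), $calls); // before consent
$gate->grant('demo-plugin');
var_dump($gate->validate('demo-plugin'), $calls); // after "Agree"
$gate->revoke('demo-plugin');
var_dump($gate->validate('demo-plugin'), $calls); // after revocation
```

The `consent_required` flag is what a vendor plugin could use to decide when to redirect to the PluginPass admin area or show the banner.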