Get Rid of the name "SmugMug" in the New Privacy and Cookie Policy Popup

Hikin' Mike

This is our site, not SmugMug. Please remove the name SmugMug in the New Privacy and Cookie Policy Popup. Since I'm not required to have a Cookie Popup, I decided to turn it off with CSS, but it really shouldn't say SmugMug at all. Would be nice to use OUR theme's colors and not SmugMug too.

https://dgrin.com/discussion/266497/tutorial-changing-the-colors-on-the-new-privacy-and-cookie-policy-popup#latest

tomnovy

Mike not sure what is the problem - the cookie popup is mentioning SmugMug, because we are managing cookies on customer's websites.

Hikin' Mike

It's my website, not SmugMug. I don't want my customers to know about SmugMug. Like I said, I just removed it because I don't need the popup like the EU people.

leftquark

I'm not a lawyer, and since I'm no longer at SM, I don't have full insight into the new privacy banner or its wording, but when I was there, I was a strong voice to ensure the name "SmugMug" was only included if it absolutely had to be, and everyone who heard me speak up, was part of the team that wrote this, so I know it was on their minds too. It's very possible that the new CCPA and GDPR regulations require the service (aka "SmugMug") that is setting the cookie has to include its name in the message.

Hikin' Mike

@leftquark said:
I'm not a lawyer, and since I'm no longer at SM, I don't have full insight into the new privacy banner or its wording, but when I was there, I was a strong voice to ensure the name "SmugMug" was only included if it absolutely had to be, and everyone who heard me speak up, was part of the team that wrote this, so I know it was on their minds too. It's very possible that the new CCPA and GDPR regulations require the service (aka "SmugMug") that is setting the cookie has to include its name in the message.

I hope that's the case. Like I said earlier, I don't need it, so I just hide it. It would have been nice to have that popup mach our site and not SM, but it was an easy change.

Ferguson

I hope that's the case. Like I said earlier, I don't need it, so I just hide it. It would have been nice to have that popup mach our site and not SM, but it was an easy change.

How do you know you don't need it? I've found the rules very ambiguous, but most US companies adopt the view that EU citizens may use them and so may become subject to the GDPR rules and provide a suitable disclosure. Note I am not saying you DO need it, I am asking if you are sure you do not?

Perhaps more to the point here and with apologies if this seems argumentative, but I am not at all sure it is "your" website in a legal sense. Before you yell, consider that SM instruments every page you put up, collects data from it (data they do not share with you). That data collection is core to the GDPR rules. It is definitely not like a classic hosting site where YOU could collect the data and make sharing decisions. From my own perspective I am assuming (and so could be quite wrong also) that SM is doing all the required things to make sure my web site is compliant to the extent it needs to be. Last thing I want is a letter from some lawyer.

So again, apologies if it seems argumentative, it is not a rhetorical question when I ask if you are sure. I am genuinely curious what the rules really are.

Hikin' Mike

I don't know 100% sure that I DON'T need one. I've had Privacy Policy on my website for several years and that's good enough for me.

leftquark

I'm not a lawyer, so please consult legal advice for the final say but ... GDPR rules hold you accountable, not SmugMug, if your site isn't GDPR compliant in certain regards. Now obviously all of us would cancel our subscriptions if SmugMug didn't provide the tools for us to be compliant, so a large amount of work was done to prevent this from happening. So unless you ensure nobody from the EU visits your site, it does in fact apply to you.

Even more so, California has adopted the CCPA, which is very similar to GDPR and is the reason why you (Mike) are seeing the privacy policy pop-up. Anyone browsing within California will see the privacy policy and your site does need to comply. It's not just ensuring the privacy policy is linked to, but GDPR and CCPA both require a way to opt out of tracking, which is what a large part of that privacy banner determines.