- Issue created by @mastap
- 🇦🇹Austria hudri Austria
There is no documentation because this simply does not exist. The module is just a "cookie banner", it only does the technical handling of injecting after consent. It does not document or store which users have given consent or when they have given consent.
AFAIK this is also not a requirement of the GDPR. This is something you might want to have to protect yourself in case of GDPR lawsuits, but AFAIK formally not a legal requirement of the GDPR (I'm no lawyer tough, so no guarantees here!)
And IMHO this module should not even do this, because then the module itself stores personalized data again, which opens a whole new can of worms. If you need this level of safety, a commercial CMP might be better suited for your case.
- 🇨🇦Canada mastap
Thank you for the clarification, I appreciate your input.
You’re right that it’s not a formal requirement under GDPR to store consent in every case, but rather a protective measure some organizations take to avoid legal complications.
My confusion stemmed from the module’s name, “Cookies Consent Management.” I assumed that the “consent management” part of the name implied it would manage, store or log user consent, as managing consent usually involves tracking when and how it’s given. I understand now that this module is primarily focused on the technical handling of cookies, not consent.
I was also hoping to learn if other plugins within this ecosystem might offer this consent storage functionality, as it would be useful to have a full solution for managing consent without needing to resort to a commercial CMP.
As a side note, from a legal perspective, storing user consent is indeed part of obtaining the user’s consent—allowing the website to record this consent. When someone sign an contact protecting personnal info, there is a need to keep a safe copy of the contract.
Thanks again for your insights, and hopefully, this conversation will help others looking for similar functionality.