如何将 "I accept the terms & privacy policy" 复选框添加到 Google Firebase 身份验证 UI?
How can I add a "I accept the terms & privacy policy" checkbox to Google Firebase Authentication UI?
欧盟的 GDPR 要求我们在注册时为 "terms" 和 "privacy policy" 用户提供一个选择加入复选框。使用 Firebase 身份验证 UI (FirebaseUI),默认情况下我没有得到它。如何将这样的复选框添加到 FirebaseUI?
澄清一下:FirebaseUI 提供的 tosUrl 是不够的。 GDPR 要求 clear, unambiguous and affirmative consent——简而言之:他们需要主动勾选复选框。我们不能通过注册来隐含地接受条款。
那么我如何获得(未选中的)复选框供用户接受条款和隐私政策?或者我真的必须构建自定义 UI 吗?我无法相信 Google 不会支持 GDPR…
FirebaseUI 为您提供参数tosUrl,用于指向服务条款页面。示例:
var uiConfig = {
signInSuccessUrl: '<url-to-redirect-to-on-success>',
signInOptions: [
// Leave the lines as is for the providers you want to offer your users.
firebase.auth.GoogleAuthProvider.PROVIDER_ID,
firebase.auth.FacebookAuthProvider.PROVIDER_ID,
firebase.auth.TwitterAuthProvider.PROVIDER_ID,
firebase.auth.GithubAuthProvider.PROVIDER_ID,
firebase.auth.EmailAuthProvider.PROVIDER_ID,
firebase.auth.PhoneAuthProvider.PROVIDER_ID
],
// Terms of service url.
tosUrl: '<your-tos-url>'
};
然后在登录时,它会告诉用户单击“登录”按钮即表示您接受条款和条件。
更多信息在这里:
首先这个
GDPR in the EU requires us to have an opt-in checkbox for the "terms" and "privacy policy" users accept when signing up.
不正确。
只有在处理敏感的个人数据时才需要 "explicit" 同意 - 在这种情况下,只要“选择加入”就足够了(第 9(2) 条),quote from here:
- When relying on consent to process personal data, consent must be explicit: WRONG! This was a hotly debated topic during the passage of the GDPR, but the final text requires that consent must be “unambiguous”, not “explicit” (Art 4(11)). Explicit consent is required only for processing sensitive personal data - in this context, nothing short of “opt in” will suffice (Art 9(2)). But for non-sensitive data, “unambiguous” consent will do - and this allows the possibility of implied consent if an individual’s actions are sufficiently indicative of their agreement to processing.
可以找到有关 GDPR 上下文中明确/明确同意的更多信息here。
欧盟的 GDPR 要求我们在注册时为 "terms" 和 "privacy policy" 用户提供一个选择加入复选框。使用 Firebase 身份验证 UI (FirebaseUI),默认情况下我没有得到它。如何将这样的复选框添加到 FirebaseUI?
澄清一下:FirebaseUI 提供的 tosUrl 是不够的。 GDPR 要求 clear, unambiguous and affirmative consent——简而言之:他们需要主动勾选复选框。我们不能通过注册来隐含地接受条款。
那么我如何获得(未选中的)复选框供用户接受条款和隐私政策?或者我真的必须构建自定义 UI 吗?我无法相信 Google 不会支持 GDPR…
FirebaseUI 为您提供参数tosUrl,用于指向服务条款页面。示例:
var uiConfig = {
signInSuccessUrl: '<url-to-redirect-to-on-success>',
signInOptions: [
// Leave the lines as is for the providers you want to offer your users.
firebase.auth.GoogleAuthProvider.PROVIDER_ID,
firebase.auth.FacebookAuthProvider.PROVIDER_ID,
firebase.auth.TwitterAuthProvider.PROVIDER_ID,
firebase.auth.GithubAuthProvider.PROVIDER_ID,
firebase.auth.EmailAuthProvider.PROVIDER_ID,
firebase.auth.PhoneAuthProvider.PROVIDER_ID
],
// Terms of service url.
tosUrl: '<your-tos-url>'
};
然后在登录时,它会告诉用户单击“登录”按钮即表示您接受条款和条件。
更多信息在这里:
首先这个
GDPR in the EU requires us to have an opt-in checkbox for the "terms" and "privacy policy" users accept when signing up.
不正确。
只有在处理敏感的个人数据时才需要 "explicit" 同意 - 在这种情况下,只要“选择加入”就足够了(第 9(2) 条),quote from here:
- When relying on consent to process personal data, consent must be explicit: WRONG! This was a hotly debated topic during the passage of the GDPR, but the final text requires that consent must be “unambiguous”, not “explicit” (Art 4(11)). Explicit consent is required only for processing sensitive personal data - in this context, nothing short of “opt in” will suffice (Art 9(2)). But for non-sensitive data, “unambiguous” consent will do - and this allows the possibility of implied consent if an individual’s actions are sufficiently indicative of their agreement to processing.
可以找到有关 GDPR 上下文中明确/明确同意的更多信息here。