GDPR in the EU requires us to have an opt-in checkbox for the “terms” and “privacy policy” users accept when signing up. Using the Firebase Authentication UI (FirebaseUI), I don’t get this by default. How can I add such a checkbox to FirebaseUI?
To clarify: The tosUrl provided by FirebaseUI is not enough for this. The GDPR requires clear, unambiguous and affirmative consent — in short: they need to actively check a checkbox. We can’t just accept terms implicitly by signing up.
So how do I get an (unchecked) checkbox for users to accept terms and privacy policy? Or do I really have to build a custom UI? I can’t believe that Google would not support the GDPR…
First of all this
GDPR in the EU requires us to have an opt-in checkbox for the “terms” and “privacy policy” users accept when signing up.
is not true.
The “explicit” consent is required only for processing sensitive personal data — in this context, nothing short of “opt in” will suffice (Art 9(2)), quote from here:
- When relying on consent to process personal data, consent must be explicit: WRONG! This was a hotly debated topic during the passage of the GDPR, but the final text requires that consent must be “unambiguous”, not “explicit” (Art 4(11)). Explicit consent is required only for processing sensitive personal data — in this context, nothing short of “opt in” will suffice (Art 9(2)). But for non-sensitive data, “unambiguous” consent will do — and this allows the possibility of implied consent if an individual’s actions are sufficiently indicative of their agreement to processing.
More on explicit / unambiguous consent in context of GDPR can be found here.
Answered By — Marian Paździoch
Answer Checked By — Terry (FixIt Volunteer)
This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0