While might not be caught easily, you‘r still not compliant with GDPR by doing i... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		lixtra on Dec 12, 2021 \| parent \| context \| favorite \| on: Ask HN: Why have we accepted the cookie pop-up sit... While might not be caught easily, you‘r still not compliant with GDPR by doing it all on the server without consent.

namdnay on Dec 13, 2021 [–]

GDPR only applies to PII. If you're just collecting anonymous session tokens you're fine (it's what comes "out of the box" if you host your webapp on AWS for example, you'll see an AWS correlator ID in the request headers)

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact