OpenCart and the EU Cookie Legislation

fireatwire wrote:For the privacy policy I would like to write exactly about each cookie - which data it stores and for what reason.

Has someone done that already and could post it here? I'm not sure about what the session cookie saves.

Session cookies are useful for remote APIs whenever a protocol needs to initiate a request that requires cookies. Also take note that setting static cookies are not in the best programming practice since the browser limits them up to a maximum of 25 compared to session cookies. Initiating cookies can also involves security holes. Initiating session cookies via SSL is also suggested compared to static cookies that can't be handled via SSL.

straightlight wrote:

fireatwire wrote:For the privacy policy I would like to write exactly about each cookie - which data it stores and for what reason.

Has someone done that already and could post it here? I'm not sure about what the session cookie saves.

Session cookies are useful for remote APIs whenever a protocol needs to initiate a request that requires cookies. Also take note that setting static cookies are not in the best programming practice since the browser limits them up to a maximum of 25 compared to session cookies. Initiating cookies can also involves security holes. Initiating session cookies via SSL is also suggested compared to static cookies that can't be handled via SSL.

Yes, but what I am looking for is the exact data which is stored! By data I don't mean just contact details like name, email, etc. EU legislation considers every data which can identify you as a user or personalize/customize content for you. E.g. chosen language, stored search requests, tracking

If you could tell me what is saved in OpenCart's session cookie I would be very thankful.

fireatwire wrote:

straightlight wrote:

fireatwire wrote:For the privacy policy I would like to write exactly about each cookie - which data it stores and for what reason.

Has someone done that already and could post it here? I'm not sure about what the session cookie saves.

Session cookies are useful for remote APIs whenever a protocol needs to initiate a request that requires cookies. Also take note that setting static cookies are not in the best programming practice since the browser limits them up to a maximum of 25 compared to session cookies. Initiating cookies can also involves security holes. Initiating session cookies via SSL is also suggested compared to static cookies that can't be handled via SSL.

Yes, but what I am looking for is the exact data which is stored! By data I don't mean just contact details like name, email, etc. EU legislation considers every data which can identify you as a user or personalize/customize content for you. E.g. chosen language, stored search requests, tracking

If you could tell me what is saved in OpenCart's session cookie I would be very thankful.

It may vary between the Opencart version distributions:

- Affiliate tracking code
- Amazon Login State Cache
- Currency settings
- Language code

out-of-the-box. No other information have been found in the Opencart v2.2.0.0 version.

Thank you!
But if they are adding items to the shopping cart while they are not registered, how does Opencart save the information? It is not in a (session) cookie?

fireatwire wrote:Thank you!
But if they are adding items to the shopping cart while they are not registered, how does Opencart save the information? It is not in a (session) cookie?

This question also relies on Opencart version distributions. Prior versions of Opencart v2.2, the information used to be stored on a super globals array on the browser when guests customers stored their products information in the cart. No cookies was ever used for that. Nowadays, database storage for any user level is rather involved to store those information and it is better this way.