AEM Sites - GDPR Readiness

Search
Experience Manager 6.4 Sites Administering User Guide

On this page

Applies to: Experience Manager 6.4 Sites

在中国购买的 Creative Cloud 产品不含 CC 桌面应用程序中的 Creative Cloud 移动应用程序和在线服务及相关功能。

You're viewing help content for version:

The European Union's General Data Protection Regulation on data privacy rights takes effect as of May 2018.

AEM Sites is ready to help customers with their GDPR compliance obligations. This page guides customers through the procedures to handle GDPR requests in AEM Sites. It describes the location of private data stored, and how to remove them manually or with code.

For further information see the GDPR page at the Adobe Privacy Center.

Note:

See AEM GDPR Readiness for further details.

Author Server

User accounts and UGC content on the author server are covered in the Platform GDPR documentation.

Publish Server

User accounts used to authenticate visitors on the site, and UGC content on the publish server are covered in the Platform GDPR documentation.

By default AEM Sites components do not store form-data entered by visitors on the publish server. It is recommended to forward the data to a third party system, or Adobe Campaign for further processing.

Opt-In/Opt-Out

AEM has a cookie opt-out service that can be used for managing the opt-in/opt-out for users.

ContextHub

AEM provides an optional data layer with ContextHub. This keeps visitor-specific data in the browser, to be used for rules-based personalization.

By default, this visitor-data is not stored in AEM; AEM sends rules to the data layer to make personalization decisions in the browser.

Note:

Prior to Adobe CQ 5.6, the ClientContext (an earlier version of ContextHub) did send the data to the server, but did not store them.

Adobe CQ 5.5 and earlier are now EOL and not covered by this documentation.

Implementing Opt-in/Opt-Out

The site owner needs to implement an opt-out component according to the following guidelines.

These guidelines implement opt-in as the default. Thus, a website visitor must clearly agree, before any Personal Data is stored in the browser's (client-side) persistence.

  • The opt-out component should be included every time the ContextHub component is included.

  • The terms and conditions that relate to GDPR for the website, must be displayed to the website visitor, allowing them to:

    • accept
    • reject
    • change their previous choice

  • If a site visitor accepts the site's terms and conditions, the ContextHub opt-out cookie should be removed:

    ContextHub.Utils.Cookie.removeItem('cq-opt-out');

  • If a site visitor does not accept the site's terms and conditions, the ContextHub opt-out cookie should be set:

    ContextHub.Utils.Cookie.setItem('cq-opt-out', 1);

  • To check whether ContextHub is running in opt-out mode, the following call should be made in the browser's console:

    var isOptedOut = ContextHub.isOptedOut(true) === true;
// if isOptedOut is true, ContextHub is running in opt-out mode

Previewing Persistence of ContextHub

To preview persistance used ContextHub, a user can:

  • Use the browser's console; for example:
    • Chrome:
      • Open Developer Tools > Application > Storage:
        • Local Storage > (website) > ContextHubPersistence
        • Session Storage > (website) > ContextHubPersistence
        • Cookies > (website) > SessionPersistence
    • Firefox:
      • Open Developer Tools > Storage:
        • Local Storage > (website) > ContextHubPersistence
        • Session Storage > (website) > ContextHubPersistence
        • Cookies > (website) > SessionPersistence
    • Safari:
      • Open Preferences > Advanced > Show Develop menu in menu bar
      • Open Develop > Show JavaScript Console
        • Console > Storage > Local Storage > (website) > ContextHubPersistence
        • Console > Storage > Session Storage > (website) > ContextHubPersistence
        • Console > Storage > Cookies > (website) > ContextHubPersistence
    • Internet Explorer:
      • Open Developer Tools > Console
        • localStorage.getItem('ContextHubPersistence')
        • sessionStorage.getItem('ContextHubPersistence')
        • document.cookie
  • Use the ContextHub API, in the browser's console:
    • ContextHub provides following data persistence layers:
      • ContextHub.Utils.Persistence.Modes.LOCAL (default)
      • ContextHub.Utils.Persistence.Modes.SESSION
      • ContextHub.Utils.Persistence.Modes.COOKIE
      • ContextHub.Utils.Persistence.Modes.WINDOW

      The ContextHub store defines which persistence layer will be used, thus to view the current state of the persistence all layers should be checked.

For example, to view data stored in localStorage:

To preview persistance used ContextHub, a user can:

  • Use the browser's console:
    • Chrome - open Developer Tools > Application > Storage:
      • Local Storage > (website) > ContextHubPersistence
      • Session Storage > (website) > ContextHubPersistence
      • Cookies > (website) > SessionPersistence
    • Firefox - open Developer Tools > Storage:
      • Local Storage > (website) > ContextHubPersistence
      • Session Storage > (website) > ContextHubPersistence
      • Cookies > (website) > SessionPersistence
  • Use the ContextHub API, in the browser's console:
    • ContextHub provides following data persistence layers:
      • ContextHub.Utils.Persistence.Modes.LOCAL (default)
      • ContextHub.Utils.Persistence.Modes.SESSION
      • ContextHub.Utils.Persistence.Modes.COOKIE
      • ContextHub.Utils.Persistence.Modes.WINDOW

      The ContextHub store defines which persistence layer will be used, thus to view the current state of the persistence all layers should be checked.

For example, to view data stored in localStorage:

var storage = new ContextHub.Utils.Persistence({ mode: ContextHub.Utils.Persistence.Modes.LOCAL });
console.log(storage.getTree());

Clearing Persistence of ContextHub

To clear the ContextHub persistence:

  • To clear persistence of currently loaded stores:

    // in order to be able to fully access persistence layer, Opt-Out must be turned off
ContextHub.Utils.Cookie.removeItem('cq-opt-out');
 
// following call asks all currently loaded stores to clear their data
ContextHub.cleanAllStores();
 
// following call asks all currently loaded stores to set back default values (provided in their configs)
ContextHub.resetAllStores();

  • To clear a specific persistence layer; for example, sessionStorage:

    var storage = new ContextHub.Utils.Persistence({ mode: ContextHub.Utils.Persistence.Modes.SESSION });
storage.setItem('/store', null);
storage.setItem('/_', null);
 
// to confirm that nothing is stored:
console.log(storage.getTree());

  • To clear all ContextHub persistence layers, the appropriate code must be called for all layers:

    • ContextHub.Utils.Persistence.Modes.LOCAL (default)
    • ContextHub.Utils.Persistence.Modes.SESSION
    • ContextHub.Utils.Persistence.Modes.COOKIE
    • ContextHub.Utils.Persistence.Modes.WINDOW

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Twitter™ and Facebook posts are not covered under the terms of Creative Commons.

Legal Notices   |   Online Privacy Policy