[anonzzzies]

Thanks for you quick response! I was thinking what use this particular pop up has because basically it would not hold up for GDPR, so...

I always wonder; why use evil tech to begin with? So why not avoid it not to please some regulator, but just because it's not needed? Use Plausible for analytics, don't embed Youtube, don't use Recaptcha, no adsense, (feel the google...) etc... What else needs to track/spy on your users that you need when not using dark patterns for this type of application? If you don't use any of it and just put a cookie for necessary purposes, you don't need any banner/popup at all.

[supradeux]

Ah good question, it depends. So getting a GDPR compliance requires you to not only put that popup, but also disclose what personal information you are storing, to both the auditor and the user. The anomalies arrive when the users are not careful to read those disclosures and the companies take advantage. In our case, we gather only the user emails from Oauth2 media, which we use to analyse user behaviour and improve the product.

And adding to that, any platform in this domain, if it asks for more personal information, is subject to suspicion as to what they use it for.