Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

When using OAuth, how do you get a user to accept your Terms and Conditions?

When signing a website user up/connecting with Oauth, whether it be Twitter, Google, Facebook etc..., how do you get them to accept your Terms and Conditions?

I understand that the user gives consent for Google, or whoever, to use their data but if I or my company has additional T&Cs that need to be consented to, how would I do that? Can it be done at the same time within the Google consent or would I have to return them to a page for them to tick a checkbox to consent?

I can't just say by clicking or signing up you consent to our T&Cs as the future GDPR regulations say that the user has to give a positive action to (ticking a checkbox) to give their consent.

Thanks

like image 669
AndyD Avatar asked Oct 17 '22 09:10

AndyD


1 Answers

I think the right way is for you to show a page with T&C and then record the date and the "text version" the user agreed to. Ideally, you should do this before the user's data is stored (account is created on your side) so if the user doesn't accept, you don't have to try to delete all the data.

The Google approval page shows the links to your privacy policy and ToS but user is not really agreeing to those and you don't have a proof of what was actually shown.

like image 176
nvnagr Avatar answered Oct 21 '22 06:10

nvnagr