'ASP.NET_SessionId cookie for asp.net webform based website need GDPR compliance
I have a website which where developed in asp.net webform few years back & due to GDPR compliance i am not sure ASP.NET_SessionId
cookie need user explicit permission.
Not sure what exactly ASP.NET_SessionId cookie
is used it show for all asp.net website
Solution 1:[1]
I will go out on a limb and give an in general response. This cookie should classified as a statistic cookie and should be strictly required thus eliminating the need for consent, however if it is tied to or can be corelated to any PII then the story changes.
No PII example : IIS logs contain cookie values, ASP.Net_SessionID is logged and all other cookies are tokens or numerical anonymized values.
PII example : IIS logs contain cookie values, ASP.Net_SessionID is logged along with another cookies that contains IP address, Userid, email, phone, etc...
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
Solution | Source |
---|---|
Solution 1 | Adam Davis |