Aside, as it was me starting this thread
I spent some more time researching the issue since and found there’s a lot of paranoid interpretations of the law. According to 1&1 session cookies as such are not the problem, as they are regarded as ‘necessary’.
Certain cookies that are considered ‘strictly necessary for the delivery of a service requested by the user’ don’t have to be declared, because they are of far higher benefit to the user than the company. This includes cookies used to track shopping carts in e-commerce and to store important login information that the user requires. …
… For the use of most cookies, website operators in the EU now require permission from the user. This covers all cookies that don’t meet the requirement mentioned above of being ‘necessary’. This means that advertising cookies for retargeting, analysis, and social media cookies now require permission from the user.
German version here
My guess is a hosting business their size has consulted their lawyers before publishing info with the potential to harm their own customer base on a big scale.
As long as there’s only cformsII used, the data not stored in the db and no third party cookies for tracking and targeting involved on a site, I decided to take the risk.
I doubt that in case somebody is willingly transmitting personal data to you via your contact form, he could sue you for using this info for the sole purpose of fulfilling the request he himself submitted. Therefore such a checkbox on a contact form reminds me of “fat-free”-labels on water bottles I saw in California. Afaik, there’s no such kind of over-protective “consumer protection”-laws in the EU.
Sorry to interrupt, your views on the topic may vary.
