Skip to main content

Docebo Help

How can we help?

Managing Your Platform's Cookie Policy

Last Updated
Docebo Module
  • Learn
Reading Time
User Level
  • Administrators

Introduction

Your learning platform uses cookies, which are text strings created by a server and stored on the hard disk of your computer or on any other device (smartphone, tablet) that you use to access the Internet before being retransmitted to subsequent access to the Internet.

Cookies allow your learning platform to collect information about user navigation, such as remembering language preferences or the currency used for a purchase, then use this information for the user’s next visit to facilitate easier use of the platform.

Cookies may be stored permanently on your device and have a variable duration (called persistent cookies), or may disappear when the browser is closed and have a limited lifespan (called session cookies). Cookies may also be installed by the site you are visiting (called first-party cookies) or may be installed by other websites (called third-party cookies). Your learning platform uses first-party cookies, third-party cookies and other similar cookies.

In order to comply with the applicable regulations affecting cookies, such as the European ePrivacy directive, Docebo provides the capability to manage the platform cookies subject to consent by granting to the platform users (data subjects) the right to decide whether to give consent to statistic, non-necessary cookies.

  • Necessary Cookies: these cookies help in making the platform more usable by enabling basic functions like page navigation and access to secured areas. The platform cannot work properly without these cookies, and Docebo does not allow users to disable them. These cookies are not subject to user consent.
  • Statistic Cookies: these cookies help your platform to understand how users interact with it, by collecting anonymous data. These cookies are not mandatory for the proper functioning of the platform but are vital for the continuous improvement of the user experience.

When requested to provide consent to the Cookie Policy, users can choose a language different from the one you selected for them, among the platform’s active languages.  If the language they select while reading the policies is different from the language selected in their My Profile area, once they access the platform, the language will be reset to the language set in their My profile area.

This article outlines how to edit and manage your platform’s cookie policy. Refer to the Knowledge Base article on the Conditions of Use for learners to learn more on how users interact with the Cookie Policy.

Cookie Policy Compliance

The cookie policy is always enabled and visible to all users by default. It cannot and must not be hidden from the platform’s interface or removed by custom CSS. 

If you, as the Superadmin, modify or remove the text of the cookie policy, you cannot disable the cookies themselves in your platform. It is your responsibility to make this clear for your users. 

Docebo provides your platform with a default cookie banner, but you can also integrate with OneTrust. If the Extended Enterprise app is activated in your platform, all of the domains managed by the app will be subject to the cookie policy selected for the main domain.

The Docebo Default Cookie Policy

Docebo provides your platform with a default cookie policy including the Docebo list of cookies, activated by default. 

In order to view and edit the default cookie policy, access the Admin Menu, then select the Cookie Policy item in the Settings section. In the Properties tab, make sure that the Platform Default option is selected in the Source section. 

Managing_the_Cookie_Policy.gif

The Content section shows the policy title, a subtitle, and its content. At any time you can modify this content according to your needs.

Move to the Preview tab to see the preview of your policy as you operate changes on it. 

Press Save Changes to update the cookie policy. Users are asked to renew their consent to the cookie policy any time you update it.

Notes on the Default Cookie Policy

  • We strongly suggest you include the [cookie_table ] s hortcode in the Cookie Policy Content text, it’ll be replaced by the list of cookies provided by Docebo. When using the [cookie_table] shortcode, you make sure that the list of cookies provided by Docebo is always up to date. As a Superadmin, it is your responsibility to outline any additional cookies that you’re using in your platform for your users in the policy. Since you cannot edit the list of cookies provided by Docebo, if you need to list other cookies, add them in the Cookie Policy Content text.
  • Docebo is providing the cookie policy text in English only. Superadmins can maintain and manage the English text and translate it in all of the languages used in the platform, as described in the Translating the Default Cookie Policy chapter of this article.
  • You can format and stylize the Cookie Policy Content as desired. Please note that:
    • the text editor embedded in the platform is Froala. Refer to the Froala Knowledge Base for further information on how to use it
    • the rendering of the output of WYSIWYG editors may be slightly different from the input, depending on the CSS rules applied.

Translating the Default Cookie Policy

Docebo is providing the cookie policy text in English only. Superadmins can maintain and manage the English text and translate it in all of the languages used in the platform.

When editing the default cookie policy, you can create the same version of the policy in multiple languages using the multi-language selector tool

Please note that when you’re creating or editing a policy in the platform’s default language, the default language fields are mandatory. However, when adding content in a language that is not the default language, the fields are not mandatory. Therefore, if you do not populate a field in one of the additional languages, that field will appear to users in the default language instead of appearing blank.

For example, if your default language is English, you must fill out every field of the cookie policy in English. If you then create the content of the same policy in French but you do not fill out the cookie policy subtitle in French, learners with their platforms set in French will see the cookie policy subtitle of their cookie policy in English.

Once you update any fields and press Save Changes, a new version is created for all languages. 

Since users need to renew their consent every time the cookie policy is updated in any language, when you are updating the cookie policy, be sure to update it in all necessary languages before pressing Save Changes.

Using the OneTrust Cookie Policy

As an option to the default cookie banner, you can integrate with the OneTrust Cookie Consent solution, as long as you have an active OneTrust account and remain in agreement with the terms and conditions in your contract.

When selecting this option, the Docebo default cookie policy does not apply and it is completely replaced by the OneTrust Cookie Policy.

To activate it, access the Admin Menu, then select the Cookie Policy item in the Settings section. In the Properties tab, select the OneTrust option in the Source section.

OneTrust_Cookie_Policy.gif

If you are using a docebosaas.com domain for your platform (i.e. my-domain.docebosaas.com), move to the Content section, paste the JavaScript code provided to you by OneTrust, and press Save Changes to save it. Here follows the suggested JavaScript code to use, depending on your scenario. 

Custom Domain

If you are using a custom domain (i.e.www.my-domain.com), move to the Content section and paste the following JavaScript code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44		 <script>
// CONFIGURATION START
const domainsSettings = [
    {
      domain: 'my-domain.docebosaas.com',
      script: `
<!-- OneTrust Cookies Consent Notice start for my-domain.docebosaas.com -->
<onetrust_script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" data-document-language="true"
type="text/javascript" charset="UTF-8" data-domain-script="89eb36ee-e757-40bd-984f-7fc8351d9577" ></onetrust_script>
<onetrust_script type="text/javascript">
function OptanonWrapper() { }
</onetrust_script>
<!-- OneTrust Cookies Consent Notice end for my-domain.docebosaas.com -->
      `
    },
    {
      domain: 'www.my-domain.com',
      script: `
<!-- OneTrust Cookies Consent Notice start for www.my-domain.com -->
<onetrust_script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" data-document-language="true"
type="text/javascript" charset="UTF-8" data-domain-script="e0acd1d7-e123-4e47-aad0-0f6fbd55d455" ></onetrust_script>
<onetrust_script type="text/javascript">
function OptanonWrapper() { }
</onetrust_script>
<!-- OneTrust Cookies Consent Notice end for www.my-domain.com --> 
      `
    }
  ];
  // CONFIGURATION END

  const currentDomain = window.location.hostname.toLowerCase();
  const head = document.querySelector('head');
  let script = '';
  domainsSettings.forEach(setting => {
    if (setting.domain === currentDomain) {
      script = setting.script;
    }
  });
  if (script.length) {
    const decriptedScript = script.replace(/onetrust_script/g,'script');;
    const domFragment = document.createRange().createContextualFragment(decriptedScript); 
    head.appendChild(domFragment);
  }
</script>

Before saving your changes, edit the code as follows:

  • Row 5: replace my-domain.docebosaas.com with the URL of your docebosaas.com domain
  • Row 17:  replace www.my-domain.com with the URL of your custom domain
  • Row 9 and row 21: replace data-domain-script with the UUID available in your OneTrust account.

Extended Enterprise

If you are using the Extended Enterprise app in conjunction with the Custom Domain app move to the Content section and paste the JavaScript code available in the Custom Domain chapter of this article, and, before saving your changes:

  • Replicate the code from line 16 to line 27 for every domain of your Extended Enterprise having a custom domain. You don’t need to replicate the code for the docebosaas.com domains.
  • In every block of code you have replicated, replace www.my-domain.com with the URL of the Extended Enterprise custom domain.

Notes on the OneTrust Cookie Policy JavaScript Code

  • When using the JavaScript code made available in this article, remember to follow the JavaScript Coding Conventions and use commas to separate the blocks of the array (any developer with basic JavaScript knowledge can help)
  • The preview of the OneTrust cookie policy is not available in the Preview tab. Visit the OneTrust website to see it.