Is there an option planned to download all the javascript and host locally instead of the cloudfare servers? We are an agency sitting in Germany, and we received already couple of complaints from our customers because of this. At the moment this is not GDPR compliant and we are taking a risk every time building websites for our customers with webflow.
No, the only way to solve this, is to export the code and modify it manually
@lacibacsi - Webflow is not using Cloudflare, where is that entering your build?
Srry, that was a project where we included custom code for text effects, that is why the Cloudfare linking happened.
Nevertheless when a website is hosted through Webflow, java and media is served through Cloudfront. Does that happening through the EU Amazon Servers?
I mean most of the relevant Wordpress Templates and Plugins offer a toggle switch where you can host google fonts or java locally instead of US CDNs.
Is there something like that planned for Webflow?
How is this topic developing? I have started out using Webflow to develop my client’s websites, which, I am hosting using Webflow. I read that Webflow and (hopefully all of) the connections it makes to third parties like AWS Cloudfront CDN are covered by DPF-certifications. See articles by German Online law firms (its German though):
However, further investigation of the GDPR compliance situation reveals (refering to links) that apparently the DPF-certification is not sufficient to be fully compliant.
Aside from signing data processing contracts (“AV-Verträge” in German) and mentioning third party data processors in the website’s data policies, according to these links it seems mandatory to collect an active optin for such connections.
I am now specifically referring to AWS Cloudfront CDN, which Webflow seems to be loading jquery libraries from. Since, in the realm of Webflow, basic website functionality depends on the availability of jquery, it is not feasible to get an active optin for this - its technically mandatory (in order to host using Webflow). Since I cannot circumvent this behavior other than downloading and hosting my customer’s website elsewhere (in which case I would lose functionality), I have the following questions: Do we really need an optin for that? And if yes, why does Webflow not care to enable compliance here? I would highly appreciate if Webflow improved its compliance-friendliness e.g. by introducing a configuration panel to manage all external connections - like they did with Google Fonts.