The Queen City Sitecore User group met on March 13, 2019. We were joined by three speakers from out of town that delivered talks on Sitecore JSS/Marketing and GDPR.
Corey Smith (follow Corey on Twitter) and Rick Bauer (follow Rick on Twitter) gave their presentation on Sitecore JSS and Marketing Automation. The presentation kicked off with asking the audience to vote for their favorite music genre on their Sitecore JSS powered site. Several aspects of the implementation were discussed, in particular, challenges they encountered while doing the Forms implementation on their demo site. They tied it all together at the end by showing data they had captured from the audience voting.
These are some takeaways I had from the presentation:
- XSLT is fun to make fun of. Will we be making fun of MVC in the same way in a few years after Sitecore JSS becomes more mainstream?
- Performance improvements seen in Sitecore JSS are noticeable, no full page reloads, only parts of pages that change are areas where data changes.
- Disconnected mode is a game changer, no real Sitecore anywhere to be seen.
- Actual starter kits (use them!) for each language.
- Disconnected mode uses the data folder to let you mock out Sitecore items in YML files. These files aren't Unicorn compatible.
- When you go connected, the ID's of generated items are based on the ID's you define in your YML files and will match across all environments because of this.
- In disconnected mode, you get live reload after changing data in a YML file.
- Sitecore Forms are currently not supported in Sitecore JSS
- SXA was discussed some, people love it and would love to see some integration.
- IdentifyAs can be used in custom API controllers to identify users based on form input
- same-origin, remember it if you ever want cookies to be sent with your fetch requests.
- Corey has a lengthy post about their CSRF implementation here.
Overall it was a very entertaining and engaging talk. I personally really enjoyed the strong stance they took that Sitecore JSS should be something that we should all be paying attention to and even considering adopting on new site implementations. The audience engagement worked really well and it was interesting seeing the marketing data that was generated from people selecting their favorite music genre.
GDPR compliance with Sitecore implementation
Paul Urban (follow Paul on Twitter) discussed GDPR in his session. Paul talked about why we should care about GDPR, some enforcement activity that is already taking place, as well as how he's solved certain GDPR problems for Sitecore solutions.
These are some takeaways I had from the presentation (note: these are based on some rough notes I had from the presentation, I'm not a lawyer. You should seek legal advice for GDPR compliance):
- There can be large fines for non-compliance, Google was recently fined for this, making the first big fine.
- You should have legal justification for the data you are collecting, gone are the days of collecting everything you can possibly get. There must be a need.
- Over half of companies are non-compliant.
- Hedgehog has a neat GDPR cookie popup dashboard that explains all of the cookies in use and a plain english description of what the cookie is used for, as well as some other general opt ins.
- Some sites were/are blocking EU visitors if their site wasn't compliant with GDPR.
- Marketers are able to create forms on the site that collect all sorts of information, you should be aware of information that is being gathered so it is properly disclosed.
- Sitecore 8.2 Update 7 and Sitecore 9 have "Anonymize Contact" functionality on the contact dashboard.
- There is a PIISensitve attribute you can use on custom facets you define to indicate this field contains sensitive data.
- There's a great privacy checklist on the Sitecore documentation site.
- Sitecore does robot detection by detecting mouse movement on page load, if the user doesn't move their mouse for a certain duration, they're labeled as a robot.
- A solution was discussed for opting out where if it took place, you could force the user to be labeled as a robot and information would no longer be collected.
It was great learning more about GDPR and the talk provided insights into existing solutions and showed some snippets on how to accomplish some GDPR related tasks.
Come visit the user group if you're ever in the Manchester area. The SilverTech office is a really neat old school house and is really easy to get to. Sorry for the seemingly random photos of the presentation, I'm the worst at taking photos of intro slides.