GDPR

This document explains how to use the Botfuel GDPR module to ask the user for the consent to use his personal information.

Overview

This module implements a GDPRDialog, which is a subclass of PromptDialog, where each expected entity parameter matches to one consent. The default GDPRDialog implmentation expects only one general consent. The text the user consented to (or refused to consent to) is stored in the brain, as well as the value (acceptance or refusal) and the date of the action so this information can be reused during other Dialogs.

How to use the GDPR module

Follow the following steps to use the GDPR module in your bot.

Configuration

Specify the module in the bot configuration file:

module.exports = {
  modules: ['botfuel-module-gdpr'],
};

See Module Overview for more information on how to create and use a module.

Dialog

The GDPRDialog is a subclass of PromptDialog. It takes consents as parameters. For example, let’s say you want the end user to consent to giving several informations. You can specify only one general consent for all information (default implementation), or you can specify several consents such as age and email as follows:

const { GDPRDialog } = require('botfuel-module-gdpr');

class ConsentDialog extends GDPRDialog {}

ConsentDialog.params = {
  namespace: 'consent',
  entities: {
    age: {
      dim: 'system:boolean',
    },
    email: {
      dim: 'system:boolean',
    },
  },
};

module.exports = ConsentDialog;

The entities should all have the dimension system:boolean because we expect the user either to say yes or no to the consent.

As it is a PromptDialog, the GDPRDialog subclass will ask for each consent and store the answers in the brain until he has asked for all of them.

View

The module provides 3 localized views:

  • gdpr-view.en.js
  • gdpr-view.fr.js
  • gdpr-view.es.js

As with all views, the right one will be choosed according the locale configuration of your bot.

You can view their content here. They also provide quickreplies to the user so he can make his choice.

The module also comes with a generic GDPRView you can extend to fully customize the messages you want to display to the user.

Your custom view should inherit GDPRView and implement the constructor as in the following example:

const { GDPRView } = require('botfuel-module-gdpr');

class ConsentView extends GDPRView {
  super({
      defaultMessage: 'Please give your consent.',
      completeMessage: 'I have all I need to proceed.',
      quickreplies: ['OK', 'No!'],
      age: 'We will make use of your age. Do you agree?',
    });
}

module.exports = ConsentView;

The GDPRView constructor has several parameters:

  • defaultMessage: message displayed by the view to ask for a consent if no specific message for this consent is specified
  • completedMessage: message displayed at the end of the Dialog, when all consent answers have been provided by the user
  • quickreplies: convenient quickreplies provided to the user to accept/refuse consent
  • [key]: override the defaultMessage for a specific consent. key needs to match with the entity parameter of the Dialog

Is this example, the view will render the message 'We will make use of your age. Do you agree?' when asking for the age consent (entity specified in the ConsentDialog), and the default message when asking for the email consent.