Joomla Core Capabilities

  • All requests to a Joomla website start a session which stores the IP address in the session data and creates a session cookie in the user's browser. The IP address is used as a security measure to help protect against potential session hijacking attacks and this information is deleted once the session has expired and its data purged. The session cookie's name is based on a randomly generated hash and therefore does not have a constant identifier. The session cookie is destroyed once the session has expired or the user has exited their browser.
  • Joomla's logging system records the IP address of the visitor which leads to a message being written to its log files. These log files are used to record various activity on a Joomla site, including information related to core updates, invalid login attempts, unhandled errors, and development information such as the use of deprecated APIs.
  • When a network connection is available, a Joomla installation will attempt to communicate with the servers for various capabilities, to include:
    • Checking for updates for the Joomla application
    • Help screens for core Joomla extensions
    • The Install from Web service (opt-in)
    • The statistics collection server (opt-in)
    As with all HTTP requests, the IP address of our server will be transmitted as part of the request. For information on how Joomla processes data on its servers, please review our privacy policy.

Authentication - Cookie

  • In conjunction with a plugin which supports a "Remember Me" feature, such as the "System - Remember Me" plugin, this plugin creates a cookie in the user's browser if a "Remember Me" checkbox is selected when logging into the website. This cookie can be identified with the prefix `joomla_remember_me` and is used to automatically log users into the website when they visit and are not already logged in.


  • The reCAPTCHA plugin integrates with Google's reCAPTCHA system as a spam protection service. As part of this service, the IP address of the user answering the captcha challenge is transmitted to Google.

GDPR Component Capabilities

  • Logs of user changes: whenever a change in a user profile occurs, for example if a user changes his personal data, all changes must be tracked and logged. The GDPR component keeps track of every change for personal data including custom fields. The logs report can be exported in CSV and Excel formats.
  • Logs of consents: the logs of user consents is a global system that allows to keep track of all consents given by users, either logged in or logged out, to every form in which you integrate the privacy policy checkbox generated by the GDPR component. The logs report can be exported in CSV and Excel formats.
  • Cookie consent: to be compliant with the EU Cookie Law you need an effective solution to really block local cookies and third-party cookies before the consent is given by users, even supporting revocable consent and cookie categorization.
  • Logs of cookie consents: the GDPR component is able to track even consents given for the cookie usage both by visitors and registered users of your website.
  • Consents registry: you can generate and export a registry including consent details given by users that is an essential document if requested by the Data Protection Commissioner.
  • Data breach notifications: in the case that a data breach occurs, you can mark violated profiles and quickly notify users and the Data Protection Commissioner sending them an alert email.
  • Record of processing activities: the GDPR component is able to manage the record of processing activities and its generation in both Excel and OpenOffice format to be compliant with the EU GDPR.
  • Fully automated deletion and export: by default the deletion and export of a user profile is fully managed by the GDPR component and self-made by the user so you don't have to worry about manual operations. Optionally you can choose to manage deletion and export manually and receive a request by users that is integrated with the Joomla! Privacy Component.
  • Revocable consent: you can allow users to revoke their consent to each privacy policy consent and even force already registered users to explicitly accept the privacy policy on the first login.


  • HikaShop stores by default the IP address when someone posts a vote or a comment on a product, when someone adds something to their cart, when someone registers on the website through HikaShop, and when someone places an order through HikaShop.
  • HikaShop stores the addresses the customer uses for his carts / orders.


  • In order to process information requests, information about the user must be collected and logged for the purposes of retaining an audit log. The request system is based on an individual's email address which will be used to link the request to an existing site user if able.

Klarna Bank

Klarna Bank AB (publ) (“Klarna”) uses cookies to recognize the user’s device for the purpose of providing advertising of Klarna products the next time the user will browse the merchant’s website offering Klarna products, and for analytics purposes.

Persistent marketing and analytics cookies

  • These cookies contain a unique user ID which will enable Klarna to recognize the user’s device the next time that user returns to the merchant. These are persistent cookies, stored on the device for a period of up to 540 days as of the last interaction with Klarna, or until they are deleted and allow Klarna (i) to show marketing of Klarna products, including credit promotions to the user, and (ii) to perform analytics of the user behaviour.
    By connecting the unique user ID stored in the cookie on the device to the information Klarna has about the user, Klarna will be able to recognize the user of that device. No information connected to the cookies is shared with any third party.

The user’s consent and revocation of consent

  • Setting cookies for marketing purposes is subject to the user’s consent, which will have to be obtained before the cookies are set on the user’s device. In addition, the web browser or device often allows the user to change the settings for the use of cookies. More information on how to adjust the settings can be found in the browser of device reference information, and on

About Klarna

  • Klarna Bank AB (publ) is subject to Swedish Data Protection legislation, and is the data controller for the purpose of processing the personal data as described above. Klarna has a Data Protection Officer and several lawyers specialised in data protection. Klarna also has a customer service team handling questions relating to personal data. You are welcome to contact Klarna at This email address is being protected from spambots. You need JavaScript enabled to view it. Please visit for more information about Klarna, and how Klarna processes personal data.

eve taylor london logo

KEITS logo Text on Right



cityguilds aproved