Is your website GDPR or CCPA compliant? Did you know that there are dozens of other privacy laws? While we are not lawyers, we do encourage you to work with yours to discover if any of the many privacy regulations protecting internet users are relevant to your site.
Our documentation on our GDPR and CCPA compliance and how you can become compliant as well are here: Netlify’s commitment to protect your data . If all you’re looking for is to get compliant with those, reviewing and countersigning the linked DPA at that address is what most customers do.
However, your legal team may also want to show different information per location, so that EU users get GDPR-specific messaging, and US users get CCPA-specific messaging. How can one accomplish this easily with Netlify?
Our country-based redirects are the answer!
Here’s a pattern that we’ve guided many customers in using that will probably work for you, too!
For this example, we’ll pretend our website is used in the places that have varying compliance needs - Germany, France, and the United States. Everyone else will see a default version of the site with no special settings, but visitors from these countries will see tailored content to their locale.
First off, you’ll need to isolate your country-specific details into a fixed number of files. The pattern we’ve seen is to have a CSS or other text file that has different text such as:
/wording.txt: default; empty file with no wording and your site is configured to show nothing in this case.
/eu/wording.txt: what you want to show to German and French visitors and ONLY. Perhaps it is a call to action to accept your site’s cookies or be aware that their data may be shared beyond this session.
/us/wording.txt: what you want to show to only USA visitors. Perhaps it is a call to action to opt in to data collection.
You deploy these 3 files; so far so good! But how do you direct Netlify to use the correct one for the correct location, at browse time? Here’s an example
/wording.txt /eu/wording.txt Country=de,fr 200! /wording.txt /us/wording.txt Country=us 200!
This configuration causes:
- German and French visitors to be served
- Visitors from the USA see the
- Everyone else to see
These files will be loaded transparently, in each case as “/wording.txt” - without any conditional coding on your site!
Note that these redirects use the forcing feature so that they “shadow” the existing file since otherwise, we do NOT follow redirects or rewrites but instead serve the file in the specified path.
You can add as many more countries as you like to those lists, and as many different overrides as your legal team tells you you need. As a bonus, when you use a redirect like this, any cookies that your site or visitors set called
nf_country with a 2-letter country code in will override the geo-detection; so if you know a visitor is German based on e.g. their profile settings, these redirects will still force them to the German version of the page even when they travel!