PIPEDA compliance surfaces: privacy policy, terms, cookie banner, and signup consent gates

Commit `0a864f44` adds a set of privacy-compliance UI components aimed at Canada's PIPEDA: a `/privacy` page, a `/terms` page, a cookie consent banner, and consent checkboxes on signup. All frontend, no backend dependencies.

complianceintake

The cookie banner (frontend/src/app/components/cookie-banner.tsx) checks localStorage.getItem("pipeda_consent") on mount, shows a fixed bottom bar with a link to /privacy and an Accept button, then stores "pipeda_consent": "true" on acceptance. It's mounted in layout.tsx so it appears app-wide. Straightforward, no external cookies library needed.

The /privacy page is 74 lines of React covering PIPEDA's ten principles by number: identifying purposes (Principle 4.2), consent (4.3), limiting collection (4.4), and so on. The copy references Canada's Personal Information Protection and Electronic Documents Act explicitly and organizes disclosures into sections for account data, application data, and third-party services. The /terms page is 46 lines covering acceptable use and the AS IS disclaimer.

The signup changes add two checkboxes: one for the privacy policy and one for terms of service, both required before form submission. Notably, the signup form still authenticates against Supabase - which is inconsistent with the login page's local-JWT swap in the same fork, but the PIPEDA surfaces themselves don't depend on the auth backend.

The legal copy would need review by anyone deploying this for real; the structure and component layout are more immediately reusable than the exact text.

So what Good reference for PIPEDA or GDPR-style compliance UI. The cookie banner + `/privacy` page + signup consent flow is self-contained and carries essentially no import risk - it's all presentational components with no service calls. Legal copy needs your own review before deployment.

View this fork on GitHub →

Spotted something wrong? Or know the PR text has fresher detail than the writeup above?

Commits in this thread

1 commit from jrklaus8/mike-Canada, oldest first. Source extracted verbatim from the harvested git log.

SHA Subject Author Date
0a864f44 feat: PIPEDA compliance - privacy policy, terms, consent checkboxes, and cookie banner MikeOSS Bot 2026-05-22 ↗ GitHub

Capture this thread into my fork

Download a single Markdown prompt that tells Claude how to port every commit above into your working tree — adapting paths and structure to match your repo. Run it via claude -p < capture-thread-546.md from inside the repo you want the changes in.

⬇ Download capture-thread-546.md