Fantastic Support

GDPR compliant integration and adaptation of Google Analytics

Google Analytics is a widely used and popular analysis tool. There have always been data protection problems and questions to be solved when using Google Analytics. The entry into force of the GDPR does not make the challenges for an implementation that is as flawless as possible in terms of data protection law any easier.

 

The following steps must be taken to ensure that Google Analytics is as legally secure as possible:

Step 1: Conclude a data protection agreement with Google

With this contract Google assures you to protect the user data. You can conclude the contract by clicking in the Google Analytics interface. 

 

To do this, go to "Administration" (Gearwheel) > Click on "Account Settings" > Click on the button "Add" > Click on the button "Done". Then enter the data on the person responsible, contact options and, if necessary, the data protection officer.

Step 2: Anonymize the IP address

Since the IP address is a personal date, it must be shortened. Google does not offer this function offensively. Therefore, there are usually several ways to perform anonymization. Depending on the CMS, blog or shop system used, anonymisation can already be integrated by the software manufacturer. If this is not the case, it still depends on the analytics code used. This code has undergone various changes in recent years, so we cannot offer a blanket solution here. 

 

Technical details on IP anonymization can be found directly at Google:

 

https://support.google.com/analytics/answer/2763052?hl=en

 

Example of a possible implementation of anonymization: 

 

 

As already mentioned, the tracking code you use can look completely different, so there is no standard solution.

 

Step 3: Issue User ID

With this user ID, Google is able to track visitors to your pages across multiple devices (desktop, smartphone,...). Since your visitors cannot expect to be tracked across multiple devices and will not be informed in most cases, we recommend deactivating this function. 

 

You will find the settings for this under the Settings of the Property > Tracking Information > User ID. There set the switch to "off".

Step 4: Disable Remarketing

If you serve Google AdWords ads and your AdWords account is linked to your Analytics account, you can use this feature to create audiences for advertising in AdWords. So you (or rather Google) send data to a third party tool. 

 

You can also find the settings in the Property > Target Group Definitions.

Step 5: Shorten storage time

In the course of the GDPR, Google has published a function with which you can now set the storage period in Analytics. The shortest storage period here is 14 months, if you can't explain why you store the data longer, then you should set 14 months here. See also this: (Art. 6 para. 1 lit. f. GDPR).

 

The settings for the storage period can also be found in the settings of the respective property under Tracking Information > Data Retention.

Step 6: Add or renew data protection information

This measure is not new; even before the introduction of the GDPR, the use of Google Analytics had to be pointed out in the data protection declaration. You can create a sample declaration here:

 

https://privacypolicies.com/

Step 7: Install Google Analytics Opt-Out Script

By integrating an opt-out script, users can prevent tracking by Google Analytics. There are several ways to do this.  Since the opt-out solution offered by Google does not work on mobile devices, you should implement your own solution using JavaScript. You will find further information under the following link: https://developers.google.com/analytics/devguides/collection/gajs/?hl=de#disable

Step 8: Deletion of old data

If you have collected data with Google Analytics without anonymizing the IP addresses, you must delete this old data. You will find the deletion function in the settings of the properties, there you select "Move to trash", whereby the data is finally deleted after 35 days.

This information offer is not legal advice!

We would like to point out that our website is for information purposes only and does not constitute legal advice. The content of this offer cannot replace a binding legal advice. All information is without guarantee of correctness and completeness.

Was this article helpful?

Thank you very much for your review!

Thank you very much for your review!

You have already rated this item.

Thank you for your time.

Do you require assistance?

Support

Telephone support

Companies that trust us

Other products you might be interested in
Website Builder
Create your own website without any programming knowledge.
Create a Website
Webhosting
Concentrate fully on your project! Performance and security included.
Rankingoach
Optimize your Web site and achieve top rankings.
Website optimization
SSL Certificates
For your site, more safety protect yourself from hacker attacks.
Quickly protect