What is website analytics? Can I get compliant website analytics?
You have a website and you want to know how many users visit and what they click on. You’d also like to see conversion rates and be able to track your ad campaign’s reach.
Website analytics tools range from free to paid versions with basic metrics to complex charts – the most popular being Google Analytics. Different website analytics tools yield different insights, so finding the right one can be important.
Website analytics data can help you understand what works and doesn’t work on your domain, so you can optimize your website, its user traction and ad campaigns, e.g. target potential customers, measure your website’s ROI (return on investment) and more.
But have you heard about the EU’s General Data Protection Regulation (GDPR)?
And that you need to be in compliance with the GDPR’s requirements for end-user privacy protection, specifically asking for and getting the explicit consent from end-users before processing any personal data in connection with the operation of your website’s analytics tools?
Regardless of where in the world your website is located, if you process data on users from inside the EU, you are required to meet the GDPR’s compliance standards – including its consent requirements.
But what if users say NO to cookies on your domain, leaving your website analytics tools blind and incapable of collecting any data, since you are legally obligated to respect user consent?
Does it mean you have to choose between protecting user privacy and securing data-driven website analytics for optimizing your website, its performance and marketing?
Try Cookiebot CMP to get compliant website analytics
Built around a powerful scanner that finds all cookies, trackers and trojan horses on your website, Cookiebot CMP automatically manages consent for each individual user, including secure storage and documentation, and renewal of all user consents in accordance with data law requirements.
Try free for 14 days – or forever if your website has under 50 subpages.
Cookiebot CMP and Google Consent Mode
Compliance without breaking website analytics
By combining Cookiebot CMP with Google Consent Mode on your website, you can rest assured that your website is compliant and that you will continue to get website analytics delivered.
No more analytics-breaking compliance, no more compliance-breaking website analytics!
Cookiebot CMP controls all end-user consent and then forwards each anonymous and individual consent state to Google Consent Mode, which then controls your website analytics tools, e.g. Google Analytics, based on this consent state.
Website analytics without cookies
If users say NO to cookies and trackers, Cookiebot CMP sends this anonymous negative consent state to Google Consent Mode, which ensures that Google Analytics still collects data and operates to give you vital insights into your domain’s performance.
Compliant website analytics include –
- Aggregate conversion measurement for ad campaigns
- Timestamps of visits to your domain
- Referrer and data on how users arrive at your site
- User agent
- Whether current or prior page in user’s navigation includes ad-click information in the URL
- Random number per each page load
With compliant website analytics from Cookiebot CMP and Google Consent Mode, your website is able to display contextual advertisement based on non-identifying information instead of behavioral advertisement based on personal data from end-users.
Try Cookiebot CMP free for 14 days – or forever if you have a small website.
Compliant website analytics, in detail
Protect end-user privacy and receive compliant website analytics data all-in-one
Third-party trackers that harvest sensitive, private information on people when they search, browse and shop online have become a cautionary tale in the growing public awareness around data privacy and the adtech industry’s eerie surveillance of the Internet’s users.
But website analytics don’t have to be based on targeted, personalized tracking, and can instead rely on non-identifying aggregate information about number of page visits, location of users and website performance.
Nonetheless, growing public data privacy awareness has crystalized into concrete data laws around the world – the biggest and most influential being the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), Brazil’s Lei Geral de Proteção de Dados Pessoais (LGPD) and South Africa’s Protection of Personal Information Act (POPIA).
Compliance with, in particular, the EU’s GDPR can often result in your website’s analytics breaking, and you losing vital data on your domain’s performance, because end-users are empowered with the right not to consent to all non-necessary cookies and trackers implemented on your website.
These include preference cookies, statistics cookies and marketing cookies that are often responsible for the majority of website analytics tools and ad campaigns on websites.
What do data privacy laws say about website analytics and compliance?
Since website analytics data is often personal data, you most likely need a consent management platform to ensure all collection and processing is compliant.
Personal data or personal information or personally identifiable information is defined slightly differently by each major data privacy law, but in general they all include –
- Names, email addresses, physical addresses, phone numbers,
- IP addresses, cookies, trackers, unique IDs,
- Search history, browser history, device information,
- Household information, cross-device tracking,
- Online preferences, interests, purchase history,
- Political convictions, religious beliefs, memberships, affiliations.
If your website has users from Europe, California, Brazil or South Africa, you must make sure that your website analytics tools and data collection is in compliance with the various requirements of the respective laws.
The EU’s GDPR protects personal data from individuals inside the European Union from unconsented collection and processing. Users must give their explicit, informed consent before you are allowed to activate your website analytics tools by letting cookies and trackers collect their personal data. EU users must also be told about how you collect their data, for what purposes and with whom you share it.
California’s CCPA empowers California residents to opt out of your website analytics and marketing practices by asking you to stop sharing and selling their personal information. You are also required to notify Californian users about your website analytics programs; what data you collect, for what purposes and with whom you share it.
Brazil’s LGPD protects users inside the territories of Brazil from personal data collection and processing without consent. Brazilian users must be notified about your website analytics programs, how and why they collect data, who you share it with, as well as give their prior consent.
South Africa’ POPIA similarly protects end-user data inside South Africa by making consent a base requirement for any collection and processing of personal information, including for the purpose of website analytics and marketing campaigns.
How website analytics works
Cookies, personal data and compliance
Most website analytics tools work through cookies and trackers.
These cookies are categorized as third-party cookies, since they do not originate on and belong to your own website.
Website analytics cookies will activate once a user lands on your website, and then store themselves on the user’s browser and collect data on them, and these data can range from IP addresses to unique IDs that are randomly generated, but able to track, locate and identify the user upon repeated visits.
There are many different types of cookies and trackers, from the privacy-friendly session cookies that expire immediately once a user leaves your website again, to the privacy-infringing persistent cookies that collect personal data and can have lifespans close to that of human beings.
Unique IDs and assigned trackers that are able to recall the same user is foundational for the most common metrics you get from website analytics tools.
This is how Google Analytics works, as well as myriads of other website tracking tools.
Aggregating – or combining – all this data into charts and visualizations enables you to see developments and trends emerging and to act upon them in due time.
Website analytics without using cookies
The launch of Google Consent Mode marks a turn by the adtech industry towards consent-based tracking – putting end-users at the center, while empowering website owners and operators to ensure a continued stream of website analytics and data while respecting user choices.
Turning away from third-party cookies, as Google has pledged to do by 2022, solidifies this move towards data privacy by design: end-user privacy cannot be ignored or neglected, not even in the pursuit of data-driven website analytics and marketing.
But website owners, the adtech industry and the Internet economy as a whole must also be brought into balance with the strong data privacy laws like EU’s GDPR, California’s CCPA, Brazil’s LGPD and South Africa’s POPIA.
That’s why Google Consent Mode and Cookiebot CMP integrated is such a simple, yet powerful combination for your website – making sure that you are in full compliance without breaking your website’s analytics by giving you new possibilities for tracking without cookies.
Get compliant website analytics for free today
Cookiebot CMP enables compliance for our website with all major data privacy laws in the world.
Built around a powerful scanner that finds all and controls all cookies and trackers on your website, Cookiebot CMP offers automatic, plug-and-play compliance for your website, secure storage and documentation of all consent and automatic renewal.
Try Cookiebot CMP free for 14 days – or forever if you have a small website.
How can I get analytics on my website?
Is my website analytics compliant?
Do you ask for and obtain the explicit consent from end-users before tracking their personal data through the use of third-party cookies? If you don’t, then your website’s analytics is not compliant. Make sure that your consent management platform ensures full compliance on your website, including the operation of your website analytics tools.
Try Cookiebot CMP free for 14 days– or forever if you have a small website.
Can I track users without cookies?
Yes, with Google Consent Mode and Cookiebot CMP you will be able to receive valuable data, key metrics and basic measurements from your website analytics tools without using cookies. If your end-users opt out of cookies on your website, Google Consent Mode and Cookiebot CMP make sure that your website still receives vital insights into your domain’s performance. Full compliance without breaking your website analytics.
Do I have to comply with the EU’s GDPR?
If your website has users from inside the EU, you are required to comply with the EU’s General Data Protection Regulation (GDPR) – regardless of where in the world you and your website is located. You are required to ask for and obtain the explicit consent from end-users before tracking any of their personal data for the use of website analytics.
Try Cookiebot CMP free for 14 days – or forever if you have a small website