Inform your users, Security and Documentation for GDPR compliance

Inform your users clearly and transparently

Inform your users, and make sure your colleagues are aware of the data being collected and how it is used:

1. Inform your visitors through a clear privacy notice whenever you’re collecting personal data.
2. Inform your users in your privacy policy about what data you collect and how the data is used.
3. Make your team aware that you are using Matomo Analytics and what data is being collected by your analytics platform.
4. Document your use of Matomo within your information asset register.

Security procedures

Inform your users clearly and transparently, and make your colleagues aware of the data being collected and how it is used:

1. Apply our security recommendations in order to keep your Matomo data safe.
2. Check that you have a written contract with the company providing you the Matomo server or hosting which ensures appropriate safeguards are provided.
3. Include Matomo in your data breach procedure.
4. Include Matomo in your data privacy impact assessment (DPIA), if applicable.

GDPR Resources

• Matomo Privacy User Guide
• GDPR compliance for Matomo’s Premium Features
• How to make Matomo GDPR compliant in 12 steps
• As part of privacy legislation worldwide including GDPR but also ePrivacy, it is often required to display a cookie banner informing users about cookies, or consent must be obtained before tracking visitors’ personal data. However there is a solution available: you can use Matomo Analytics without needing consent and without a cookie banner, by following all the steps at: How do I use Matomo Analytics without consent or cookie banner?
• How to fill in the GDPR information asset register when using Matomo?
• Lawful basis for processing personal data under GDPR with Matomo: legitimate interest and consent
• How to not process any personal data with Matomo and what it means for you
• How should I write my privacy notice for Matomo Analytics under GDPR?
• How to complete your privacy policy with Matomo analytics under GDPR?
• How to get your Matomo plugin ready for GDPR
• How do I anonymize previously tracked raw data (visitors, visits) to remove personal data?
• It’s January 28th: Let’s celebrate Data Privacy!
• Matomo Privacy Policy