Privacy considerations for personal data in analytics
One of the biggest privacy concerns with analytics data is that anyone may be able to connect online activity with individual people. A vast industry has grown around the collection and exploitation of that personal data for profit. Matomo stands out in the field of analytics as a privacy-focused solution that provides full control over how personal data is collected, processed and stored.
What is Personal Data?
Personal data is any information that can be used to identify an individual. This could be as simple as a username or email address, or it could be something like a credit card number that can be linked to an individual. Privacy laws across the main markets differ somewhat in their definitions of the data they protect, but the current trend is to protect both directly identifying and indirectly identifying data.
For example, even seemingly innocent details such as an automatically generated Ecommerce order ID or an IP address are considered personal data. If a detail can ultimately be traced back to an individual user, it should be considered personal data.
As a privacy-conscious analytics user, your goal should be to collect and process as little personal data as possible, while ensuring you have enough data to make analysis effective. Whenever you do collect personal data, you want to ensure it is stored safely and securely.
Consent for the collection and processing of personal data
Often website users are happy to share data where it provides a clear benefit. Privacy isn’t an all-or-nothing matter. It is possible that users will be happy to share personal information for some reasons but not others. For example, a user might be comfortable sharing their email address as part of a support request, but not agree to their email being linked with their analytics data or uploaded to advertising networks.
Not all privacy laws require consent for processing website analytics data. Learn more about using Matomo Analytics without asking for consent or showing a cookie banner.
Some laws permit a different legal basis for processing, or allow collection of website analytics provided that the user is given an opportunity to opt out if they choose to do so. Other privacy laws are firm in requiring consent before processing personal data for certain purposes (marketing or advertising).
Note that some privacy laws extend even beyond personal data and require consent for accessing or storing data on the user's terminal device, even if no personal data is collected. Refer to the ePrivacy Directive, National Implementations and Website Analytics guide.
If prior consent is required, the format and content of the consent and the method of implementation will depend on the privacy laws that apply, the types of personal data you are collecting, and how you plan to use that personal data.
Structuring your privacy policy for informed consent
When privacy laws require consent before website owners can collect website analytics data, those privacy laws set out the consent parameters. These can differ between jurisdictions and some laws are stricter than others. The GDPR is an example of a strict consent standard. Under the GDPR, to be valid, consent must be freely given, specific, informed, unambiguous and revocable. In brief, this means that:
- individuals must have a real choice and control over whether to consent, without any pressure or negative consequences if they refuse;
- consent must be specific to the purpose for which the data is being collected and processed;
- individuals must be fully informed about what data is being collected, how it will be used, and who will have access to it;
- the consent process must be clear and straightforward, requiring an explicit affirmative action from the individual, such as ticking a box or clicking a button; and
- individuals must be informed of their right to withdraw consent at any time, and withdrawing consent should be as easy as giving it.
Informed consent is a process for educating and providing options to your users in relation to the tracking of their personal and analytics data. The first step towards gaining informed consent on the web is a well-documented privacy policy and, where required, a cookie notice (included in the privacy policy or external to the privacy policy). Read more on [creating your privacy policy page](https://matomo.org/faq/general/configure-privacy-settings-in-matomo/#step-5-create-a-privacy-policy-page-on-your-websites).
Consent implementation
When it comes to actually requesting consent from the user, there are many third-party consent tools available depending on your specific website requirements. Refer to the Consent Managers (CMP) Integration Guides.
Whichever CMP (or internal) solution you choose, Matomo provides built-in JavaScript functions for enabling and disabling cookie-based or cookieless (JavaScript-based) tracking, based on a user’s consent choices. You can learn how to integrate with consent tools here and in Matomo’s developer documentation.
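The following added example (not Matomo's or any CMP's own code) shows one way to route a consent decision into the Matomo JavaScript tracker's command queue. The quoted command strings are the tracker's consent methods; `createConsentGate`, `gatePrecedesTracking`, `demoQueue` and the two mode names are hypothetical, and the queue is a plain array standing in for `window._paq` before the tracker script has loaded.

```javascript
// Consent commands of the Matomo JavaScript tracker, grouped by mode.
const COMMANDS = {
  // "tracking": nothing is tracked until the visitor opts in.
  tracking: {
    gate: 'requireConsent',
    grant: 'rememberConsentGiven',
    revoke: 'forgetConsentGiven',
  },
  // "cookie": cookieless tracking runs; cookies are used only after opt-in.
  cookie: {
    gate: 'requireCookieConsent',
    grant: 'rememberCookieConsentGiven',
    revoke: 'forgetCookieConsentGiven',
  },
};

// Queue the gate immediately and return a handler for the CMP callback.
function createConsentGate(paq, mode) {
  const cmd = COMMANDS[mode];
  if (!cmd) throw new Error('unknown consent mode: ' + mode);
  paq.push([cmd.gate]);
  return {
    // accepted === true: visitor opted in; false: declined or withdrew.
    onCmpDecision(accepted) {
      paq.push([accepted ? cmd.grant : cmd.revoke]);
    },
  };
}

// Check on the pre-load queue (a plain array): the gate must be queued
// before the first track* call, otherwise that call is not held back.
function gatePrecedesTracking(paq) {
  const names = paq.map((c) => c[0]);
  const gate = names.findIndex(
    (n) => n === 'requireConsent' || n === 'requireCookieConsent');
  const track = names.findIndex((n) => /^track/.test(n));
  return gate !== -1 && (track === -1 || gate < track);
}

// Constructed walk-through: gate, page view, then the visitor accepts.
function demoQueue() {
  const paq = []; // in a page: window._paq = window._paq || []
  const gate = createConsentGate(paq, 'tracking');
  paq.push(['trackPageView']);
  gate.onCmpDecision(true);
  return paq;
}
```

Call `onCmpDecision` from whatever callback your consent tool fires when the visitor saves or changes a choice, so that withdrawing consent reaches the tracker as easily as granting it.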