Integration and Configuration of Analysis-Tools
There is a wide range of tracking tools for web analysis. In addition to Google Analytics, there are many other solutions, such as etracker, Matomo (formerly Piwik) and various WordPress plug-ins. For GDPR-compliant use, each tool must be configured individually. In the following, we have outlined a general roadmap that reflects the essential steps for legally compliant use.
Old data: If you were already using your analysis tools before the GDPR came into force, you should check whether old data exists. It is possible that this data is no longer permissible from today’s perspective and should therefore be deleted.
GDPR compliance: First of all, it must be checked whether the intended tool can be used at all with regard to the GDPR. Among other things, it is relevant where the server is located. Assuming it is located outside the EU and thus in a third country, the use could initially be illegal. However, there are solutions, for example by agreeing standard contractual clauses with the provider.
Data processing: If data processing takes place, a data processing agreement must be concluded. With most providers, this must be concluded conventionally by post. Google now offers the option of concluding the agreement online.
Configuration: As previously explained, many analytics tools are not set by default to analyse visitor data anonymously. In such cases, it is necessary to configure your own tools for this purpose.
Objection: It is also important to give the user the option to object to tracking. This is also done via the configuration of the tool, so that the visitor can switch off the function with one click, for example.