GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → karlhorky → unofficial-guide-to-google-analytics-cookie-banners

karlhorky / unofficial-guide-to-google-analytics-cookie-banners

Licence: other
Unofficial Guide to Google Analytics Cookie Banners

Unofficial Guide to Google Analytics Cookie Banners

Disclaimer: I am not a lawyer so do not take this as official legal advice. This is my best-effort interpretation of the resources below.

This is an unofficial set of guidelines to use of Google Analytics with cookie banners / notices, synthesized from the following resources:

Twitter discussion: https://twitter.com/karlhorky/status/1126025690443329536

Step 1: Usage before Consent

Google Analytics can be used without users giving consent (consent example: clicking on an accept button), if configured correctly:

If you use [the] Advertising features in GA, you must request explicit consent. If you do not, then you don’t.

Step 1a: Set the following Google Analytics GDPR settings

These settings assume that you will not need the advertising features.

  1. If you haven't yet, read and accept the Data Processing Amendment under Admin -> Account Settings Ref
  2. Uncheck all Data Sharing Settings checkboxes under Admin -> Account Settings Ref
  3. For each property, disable the advertising features you don't need. If you do need them, leave them on and make sure to implement Step 1b Option 2 and Step 2:
    1. Make sure Enable Demographics and Interest Reports is off under Admin -> Property Settings Ref
    2. Make sure both Remarketing and Advertising Reporting Features are off under Admin -> Tracking Info -> Data Collection Ref
    3. Make sure the User-ID feature is off under Admin -> Tracking Info -> User-ID Ref
  4. Make sure that you never track URLs with personal information in them (query parameters, for example) Ref

Step 1b Option 1: Anonymize the IP

If you do not need any advertising features, on creation of the tracker, set anonymizeIp to true (Ref):

ga('create', 'UA-XXXXX-Y', {
  // Make IP addresses anonymous, reducing accuracy
  anonymizeIp: true,
});

Step 1b Option 2: Anonymize the IP and disable all advertising features

Alternatively, if you need advertising features, you can disable them until you get consent by setting allowAdFeatures to false (Ref):

ga('create', 'UA-XXXXX-Y', {
  // Make IP addresses anonymous, reducing accuracy
  anonymizeIp: true,
  // Disable any default-enabled Advertising features (turn them on later when we get consent)
  allowAdFeatures: false,
});

Step 1c: Privacy Policy section

Mention Google Analytics in your privacy policy with instructions how to remove cookies (opt-out).

Step 2: Usage after Consent (optional - for advertising features)

If your strategy requires advertising features such as Demographics and Interest Reports, Remarketing with Google Analytics and DCM Integration, you need to enable them programmatically by calling the set method after consent. Any necessary features will need to be enabled again in the property (Step 1a point 3).

  1. Design a prominent cookie notice that users will notice, to improve engagement with it
  2. Once the user accepts the cookies, you may enable following features again (Ref): 
    if (userAccepted) {
  ga('set', {
    allowAdFeatures: true,
    anonymizeIp: false,
  });
}

References

Non-Google Analytics Tracking without Consent

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].