Most people want a say in who has access to their personal data and what happens to it. The need for Privacy Policies, then, stems from an attempt to respect an individual's privacy while allowing organizations to track and monitor everything from website traffic to engagement levels. Privacy Policies are a win-win for everyone.
- 1. How Google Analytics Collects Data
- 1.1. Google Analytics and Remarketing
- 2. Google Terms of Service and Analytics Policy
- 2.2. Google's Terms of Service
- 2.3. Google Analytics Terms of Service
- 2.4. Complying with Clause 7: Example
- 3. Create Compliant Cookie Consent
- 4.1. Name and Contact Details
- 4.2. The Information You Collect
- 4.3. Why You Collect the Information
- 4.4. Data Use & Sharing Policies
- 4.5. The Right to Opt Out
- 4.5.1. A Specific Google Analytics Clause
- 5. Conclusion
Google Analytics is Google's own web and traffic analytics tool. It's free to use and it's ideal for businesses who want to know more about:
- Who visits their website
- How their website is used
- What's popular on their website, and what's not
- Whether visitors return to their website
Here are just some of the specific reasons why you might consider signing up to Google Analytics:
- It helps you pick out warm leads and the visitors most likely to convert to paying customers
- You can see how effective your targeted ads are
- The platform gives you a broad-picture idea of how your website is performing which is essential for devising an overall marketing strategy
How Google Analytics Collects Data
When we break it down, this information is extremely useful for commercial purposes. For example, the collected data shows you where in the world your traffic is coming from, and whether you're appealing to your intended audience:
The data is also useful for specific marketing purposes:
Google Analytics and Remarketing
Google can place advertising cookies on a user's computer if you opt for this extra service. This service lets you target ads based on:
- Geographical location
- Audience behavior
- Audience interests
You can then devise a remarketing strategy based on the information you gather from Google Analytics:
You can create marketing campaigns based on specific niches within your audience. For example, you can target certain users by their age or gender.
Google Analytics achieves all of this by collecting personal information from your visitors.
Briefly, personal information is any information which can be used to identify someone, such as their:
- Home address
- Date of birth
- IP address
Google Terms of Service and Analytics Policy
Google has three separate policies which you should be aware of, namely:
- The general Google Terms of Service
- A specific Terms of Service for the Google Analytics service
Google's Terms of Service
The general Terms of Service is worth reading because it forms part of the terms you agree to when you use Google Analytics. The Google Terms of Service makes this clear:
Google Analytics Terms of Service
You can access the Terms of Service for Google Analytics by clicking here.
The clause in these Terms that's relevant for our purposes is clause 7. This is the privacy clause and it sets out a few things very clearly. Here is the clause in full:
- Complies with any applicable regulations, laws, and Google terms
- Makes it clear that you use Google Analytics
- Shows users how they can consent, or withdraw consent, to cookies and other information gathering
Be honest about your use of Google Analytics. It's best if you simply follow Google's instructions on this point. Google tells you to display a link to one of its policies.
Google only tells you to take "commercially reasonable" steps to obtain consent for cookies. This means that your job is to draw attention to cookie use. You should do the following:
- Ask users for consent
- Show them where they can find out more
Complying with Clause 7: Example
HarperCollins is a company that uses Google Analytics. When you click on to the HarperCollins website homepage, you're immediately presented with a banner that asks you to consent to cookie use. The banner also tells you that HarperCollins shares information with analytics partners, which includes Google Analytics:
Explicit consent, like the one obtained by HarperCollins, is always the best way to ensure that your audience consents to cookie usage.
You'll note that the banner gives visitors a chance to customize their cookie settings before they accept cookies. This is great because visitors can select what cookies they're happy to allow on their device, which complies with clause 7.
Create Compliant Cookie Consent
Here's how you can use our Cookie Consent to implement a cookie management solution for your website.
- Click on Cookie Consent at the top of our website.
- Choose your compliance preference: ePrivacy Directive only, or ePrivacy plus GDPR compliance.
- You can customize your Cookie Consent widget to best fit your website. Add your website name and select your banner notice type and color palette.
- Copy your Cookie Consent code and append it to your website page before the closing of the
"...all applicable laws, policies, and regulations relating to the collection of information from Users"
Let's now turn to the second of our major Google policy requirements: compliance with the law itself.
- The General Data Protection Regulation (GDPR) - European Union
- Personal Information Protection and Electronic Documents Act (PIPEDA) - Canada
- California Consumer Privacy Act (CCPA) - California, USA
Name and Contact Details
Here's an example from Levi's:
The Information You Collect
Your audience has a right to know what information you gather from them. Here is an example of such a clause from Barnes & Noble. It explains, so far as possible, what kind of information the retailer collects depending on how the visitor uses the service - for example, it collects a billing address if they make a purchase, and their program of study if they order academic books:
Why You Collect the Information
It's not enough to say you collect the information. Regulations such as the GDPR state that you should only collect as much personal data as is necessary. For example, you don't need someone's home address if they sign up to an email newsletter.
Here's how megastore toy retailer Mattel handles this requirement. The company makes it clear that it only collects the information it needs to fulfil a consumer's request, such as an order. It then breaks down the individual reasons why data is collected, which is very helpful for consumers who want to know this information:
Data Use & Sharing Policies
The Right to Opt Out
Everyone has the right to be forgotten by a website or to block websites from installing cookies on their device. They also have the right to opt out of marketing campaigns. Nike, for example, tells its audience about their rights to opt out of various forms of marketing:
Nike also tells its users that they can change their cookie settings, and therefore their data gathering preferences, at any time:
A Specific Google Analytics Clause
Always tell customers:
- You collect their data through cookies or other identifiers
- What personal data you collect
- Why you collect this information
- How it's processed or shared with other parties
- What rights the user has to opt out of marketing, analytics, and data sharing
- Answer the questions related to your entity type and location.
- Answer the questions relating to what type of information you collect from your users.