In regards to Google Analytics, in particular, Google states in their Terms of Service under section “7. Privacy“:
Google repeatedly references “applicable law” throughout their terms as many of these privacy-related stipulations are related to actual legal requirements. Google is bound to many of the same privacy laws that you are and as such, their terms reflect this.
So what does this mean in practical terms and which laws apply?
Let’s assume you have a website, you run Google Analytics on it and you want to ensure that you comply with Google’s terms (and the law). What do you have to do?
Generally, the national/regional laws of your base of operations will apply, as well as (in many cases), the laws governing the regions in which your users are based. This can be quite tricky online, as, unless you’re actively blocking some regions, you may need to address requirements across geographical boundaries and legal jurisdictions. For this reason, it’s always the best idea to handle these activities with the strictest applicable regulations in mind (which currently, is likely European Law, mostly the GDPR and Cookie Law).
You can read more about determining your law of reference here or read our in-depth Legal Overview Guide here.
Google Analytics Advertising Features
Google Analytics Advertising features allow you to enable features in Analytics that aren’t available through standard implementations. Advertising features include:
- remarketing with Google Analytics;
- Google Display Network Impression Reporting;
- Google Analytics Demographics and Interest Reporting;
- integrated services that require Google Analytics to collect data for advertising purposes, including the collection of data via advertising cookies and identifiers;
- User-ID, a feature that you can use to associate multiple sessions with a unique ID.
For more information read Remarketing with Analytics and User-ID and Cross Device on Analytics Help.
In Google’s words:
If you use an SDK to implement any Google Analytics Advertising Features, such as Audience Reporting or Remarketing, you must comply with the Policy for Google Analytics Advertising Features, in addition to the Google Play Developer Program Policies, and any other applicable policy.
- Who is the site/app owner?
- What data is being collected? How is that data being collected?
- What is the Legal basis for the collection? (e.g consent, necessary for your service, legal obligation etc.) – This is more specifically related to the GDPR and EU Law, however, even if you fall outside of GDPR obligations, under most countries’ legislations, you’ll still need to say why you’re processing the personal data of users.
- For which specific purposes are the data collected? Analytics? Email Marketing?
- Which third parties will have access to the information? Will any third party collect data through widgets (e.g. social buttons) and integrations (e.g. Facebook Connect)?
- What rights do users have? Can they request to see the data you have on them, can they request to rectify, erase or block their data? (under the GDPR most of this is mandatory)
All our policies are created by lawyers, monitored by our lawyers and hosted on our servers to ensure that they are always up-to-date with the latest legal changes and third-party requirements.
The generation process is easy and intuitive:
- Add any service you may be using. In this case, it will be Google Analytics, and possibly Google Analytics with anonymized IP, User ID extension for Google Analytics, Remarketing with Google Analytics, Google Analytics Advertising Reporting Features and/or Google Analytics Demographics and Interests Reports depending on what features you have enabled.
- Fill out your web/app owner and contact details.
How You Can Manage Cookie Usage
As mentioned above, there are two sets of specifications to be met — those of Google and those of the Cookie Law. Luckily, these two intersect and requirements for both are easily met by our comprehensive Cookie Solution.
Our Cookie Solution allows you to:
- obtain and save cookie consent settings;
- preventively block scripts prior to consent; and
- keep track of consent and save consent settings for each user for up to 12 months from the last site visit.
You can collect consent via multiple mechanisms including continued browsing, scrolling, and/ or specific clicking actions. Keep in mind though that allowed consenting actions may differ depending on the Member State law.
The process is straightforward:
After creating your account simply go to your website area:
- click on “Generate Now” under Cookie Solution;
- configure and customize as you’d like;
- embed into your site.
It’s easy to run, fast and does not require heavy investments. For more information on our Cookie Solution click here.