Iubenda logo
Start generating


Table of Contents

Google Analytics and the GDPR – How to be compliant

What is “Google Analytics”?

Google Analytics is a web analytics service provided by Google that tracks and reports website traffic. It enables users to identify trends and analyze visitor behaviour, allowing them to optimize their website and marketing campaigns.

Do I need a Privacy Policy if I use Google Analytics for my website or app?

Yes, you do.
Privacy policies are required under most privacy legislations worldwide including the GDPR, CCPA/CPRA, LGPD and more.

If you use Google Analytics, you should add the “Google Analytics” service to your privacy policy. Among the Personal Data collected you may find:

  • trackers,
  • usage data.

For more information on how Google Analytics processes personal data, see their privacy policy or check their main website.

Does Google Analytics use tracking cookies?

Yes, Google Analytics may use tracking cookies. Therefore, if European laws like the GDPR apply to you, you will need to collect opt-in consent before running Google Analytics. If US laws like the CPRA and VCDPA apply to you, you may need to provide your users with a way to opt-out of tracking. See which laws apply to you here.

Do I need a Cookie Policy if I use Google Analytics for my website or app?

Yes, you do.

Google Analytics may install cookies on your visitors’ devices, as stated on their website. Therefore, you’ll likely need a Cookie Policy as well.

Not sure if your website is installing cookies?

🔍 Scan your site now →

Which cookies does Google Analytics use?

Name of cookie How long it lasts (max age in seconds)
_ga 63072000
_gac* 7776000
_gat 60
_gid 86400

Do I need a Cookie Banner if I use Google Analytics on my website or app?

In general, websites that use third-party cookies as well as their own cookies for tracking and analytics must comply with the law and therefore are required to obtain the user’s express consent.

If you operate in Europe or could potentially have European users, you need to comply with the GDPR and ePrivacy.

Our Privacy Controls and Cookie Solution complies with provisions of the ePrivacy; it allows you to easily inform users, facilitate their consent and it includes the option to preemptively block any scripts that could install cookies prior to consent (required in many European countries).

→ Discover iubenda Privacy Controls and Cookie Solution
Quickly generate a fully customizable cookie banner, seamlessly collect consent, and implement prior blocking with asynchronous re-activation.

How to Create a GDPR Privacy and Cookie Policy for Google Analytics

With iubenda, you can easily declare which services your website uses to collect data. You can find the “Google Analytics” service in the “Analytics” section of our Privacy and Cookie Policy Generator.

💡 Not sure what services to select and add to your privacy policy

Scan your website using our free Site Scanner to find out right away.

Trusted by over 90,000 clients in 100+ countries, iubenda is the most trusted and easiest way to generate and manage privacy & cookie policies and terms & conditions, consent records and more.

iubenda helps you to comply in minutes with Global laws like the European ePrivacy (Cookie Law), GDPR and US’s CPRA, and VCDPA .

Generate your Privacy Documents for Google Analytics