RGPD, Google Analytics and WordPress do I have to do something about it?

Updated on 05-19-2018

As you already know, and if you should not, on May 25, your website must comply , in addition to the current laws, the new RGPD (or GDPR) a new legislation that protects the privacy and right to be forgotten of all users of the European Union.

Here on the blog I am trying to cover all aspects that affect WordPress users when implementing compliance with the RGPD on our websites, especially in the technical part, in the changes that we must make in our WordPress for comply with the RGPD .

In this case we will see what happens with Google Analytics because although it is not WordPress, does anyone in the room have their web integrated with Google Analytics to measure their traffic?

Things you may not have known about Google Analytics and the RGPD [1965904] 0]

According to the Google Analytics service conditions service customers are prohibited from sending personal information to Google .

. which refers to personal information, Google refers to it under the terms of Analytics as personally identifiable information which would comprise, among others, the following data:

  • Names
  • Numbers of social security
  • DNI
  • Email addresses
  • etc, etc, etc.

And you should know that Google Analytics by default does not collect this type of information .

As for IP addresses which may also be considered personally identifiable information, and for this reason are protected by the RGPD, Google Analytics reports do not include this information either, although they may be collected.

Note ]: Yes qu If you want to anonymize IP addresses from Google Analytics you can customize the tracking code by setting a parameter, anonymizeIp, to true. You can also do this by adding this script before the Analytics code.

Also, you should know that Google has updated its data processing amendment to the RGPD. What's more, you should go right now to review it.

To do so follow these steps :

  1. Go to analytics.google.com
  2. Press the button (below) of Manage .
  3. Select an account and go to Account Settings .
  4. On the right you will see the details of the account and, at the bottom, you have the amendment for data processing adapted to the RGPD, which you should review and accept where appropriate.
  5. Save the changes.

 amendment processing data google

Google DPA

 amendment processing data google accepted

Google DPA accepted

You must also follow the link to Manage details of the DPA which takes you to a special page of the Google account on which you must identify your organization and responsible for data, security and privacy policies . [1 9659031] atd / dpa google ” width=”838″ height=”293″ />

DPA / ATD Google

 add contact atd google suite

Add contact DPA / ATD Google

And so for every account you have in Google Analytics.

Acceptance or not Google Analytics Tracking

In addition to the above, you should know that Google Analytics has a browser extension that allows users to accept or disable tracking through this service of all webs.

If you want to include this option in your privacy policy, here is the link . I'm sure some of your users will find it useful, I've been including it for a while in mine .

Do I have to do something in my WordPress?

If you already integrated your WordPress website? with Google Analytics you have done it with one of these methods:

  1. Direct insertion of the tracking code into a file of your theme (usually header.php or footer.php ])
  2. Insert the tracking code in the settings of your theme (as in the options of Divi, Genesis, etc.)
  3. Connect with your Google Analytics account with a plugin.

If you used any of the the first 2 methods you can not do anymore . Google will continue to compile the IPs of your visitors, even if they do not show them in the reports, and you must inform in this regard in your privacy policy.

In addition, remember to include in your privacy policy the link to the tool that we saw above so users can avoid tracking Google Analytics if they wish, or any other tool, like Ghostery for example.

Now, as you know, I always recommend using a plugin to integrate WordPress with Google Analytic s for two main reasons:

  • When you change the subject you do not lose the integration with Google Analytics.
  • You have settings to customize the way in which Google Analytics collects data from your site.

In addition, these plugins usually also include quick reports of Google Analytics from your desktop, a great way to be aware of your traffic and take action to improve and improve it

Google Analytics Dashboard for WP to the rescue

Well, one of the advantages of using a plugin, to customize the integration settings with Google Analytics will help us too with the fulfillment of the RGPD, at least if you use my recommended plugin to integrate Google Analytics and WordPress : Google Analytics Dashboard for WP .

This plugin has several settings for facilitate compliance with the RGPD if we integrate Google Analytics with WordPress .

By default, the GADWP plugin does not send private information to Google and that is already an advantage.

Anonymous IPs

Although Google Analytics does not reveal the IP addresses in its reports this does not mean that by default the IPs are treated anonymously .

The GADWP plugin does offer this feature, which I recommend you activate . For anonymize the IP of your visitors follow these steps:

  1. In the WordPress administration go to the Google Analytics menu
  2. Click on the submenu called Tracking code . [19659011] Choose the upper tab called Advanced settings .
  3. Check the box called Anonymize IPs during tracking .
  4. Save the changes.

Prevent tracking

] Some browsers will send a header Do Not Track (or DNT) when the user browses your website.

If you want to offer the user this option you can also activate this feature with the GADWP plugin .

If you activate this feature in the plugin settings and the user has the DNT header active the plugin will stop sending user data to Google Analytics . For activate the co mpatibility with DNT in GADWP follow these steps:

  1. In the WordPress administration go to the Google Analytics menu
  2. Click on the submenu called Tracking code .
  3. Choose the tab Top Call Advanced Settings .
  4. Check the box called Exclude from tracking the users who send the Do Not Track header .
  5. Save the changes.


Of course, keep in mind that not yet all browsers are compatible with the DNT feature . On this page you can check where to activate this feature in the different browsers.

Express acceptance of the user

The latest version of the GADWP plugin also includes a feature that allows you to activate functionality for allow the acceptance (or not) of the visitors of the activity tracking through Google Analytics .

With this functionality we give one more step in the protection and respect for the privacy of the data of our users .

To activate the feature follow these steps:

  1. In the WordPress administration go to the Google Analytics menu
  2. Click on the submenu called Tracking code . [19659011] Choose the upper tab called Advanced settings .
  3. Activate the box called Enable support for user acceptance .
  4. Save the changes.

Once active the plugin will insert a special script above the tracking code . Then, to allow users to accept tracking, you can create a link like this: