This guide explains the privacy implications of tracking your visitors’ web analytics data, and how Matomo can easily be configured to ensure that your users’ privacy is respected.

Matomo ensures the privacy of your users and analytics data. When using Matomo, YOU keep control of your data, nobody else does. Your data is stored in your own MySQL database, and logs or report data will never be sent to other servers by Matomo. Learn more about Privacy.

To ensure further security, after you have installed Matomo, we recommend that you:

  1. make your Matomo server more secure by undertaking a few extra security checks
  2. follow the guide below to enable important Privacy features

By design, Matomo ensures that your analytics data is only accessible to the Matomo administrator, meaning it is completely secure. This guide will explain how to easily make your favourite web analytics tool “privacy compliant”. Firstly, you will need to log in as Super User and click on Administration > Privacy > Anonymize data.

Step 1) Automatically Anonymize Visitor IPs

By default, IP anonymisation is enabled in Matomo. This means Matomo stores each new visitor IP address (IPv4 or IPv6 format) in the database with the last components removed to protect users’ privacy. IP anonymisation is a good way to protect users with a static IP address, as otherwise their browsing history would be easily tracked across several days and even across websites tracked within the same Matomo server.

To ensure that you do not store the visitor IP, which is Personally Identifiable Information (PII), go to Administration > Privacy > Anonymize data, enable IP anonymization, and check that 2 bytes or 3 bytes are masked from the IP address.
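The effect of the byte-masking setting, as an added example (not Matomo’s code): `mask_ip` zeroes the last N bytes of an address, and `report` counts how many different values would remain in storage for a constructed set of visits. Applying the same byte-zeroing to IPv6, and the choice of 10 bytes there, are assumptions of this example.

```python
import ipaddress


def mask_ip(ip: str, masked_bytes: int) -> str:
    """Return `ip` with its last `masked_bytes` bytes set to zero."""
    addr = ipaddress.ip_address(ip)
    size = addr.max_prefixlen // 8  # 4 bytes for IPv4, 16 for IPv6
    if not 0 <= masked_bytes <= size:
        raise ValueError(f"masked_bytes must be between 0 and {size}")
    kept = addr.packed[: size - masked_bytes]
    return str(ipaddress.ip_address(kept + bytes(masked_bytes)))


def distinct_stored(ips, masked_bytes: int) -> int:
    """Number of different values that would be stored for these visits."""
    return len({mask_ip(ip, masked_bytes) for ip in ips})


def report(ips):
    """Map each IPv4 masking level (0 to 3 bytes) to the distinct stored values."""
    return {n: distinct_stored(ips, n) for n in range(4)}


# Constructed sample: raw visitor addresses from private ranges.
# The first and third entries are the same static-IP visitor returning.
SAMPLE_VISITS = [
    "10.1.2.17", "10.1.2.200", "10.1.2.17",
    "10.1.9.4", "10.7.3.3", "172.16.5.5",
]

if __name__ == "__main__":
    for level, count in report(SAMPLE_VISITS).items():
        masked = mask_ip(SAMPLE_VISITS[0], level)
        print(f"{level} byte(s) masked: {masked:<12} {count} distinct values")
    # IPv6: byte count chosen for illustration only (assumption).
    print(mask_ip("2001:db8:85a3::8a2e:370:7334", 10))
```

With no masking, the returning visitor is recognisable by an exact address match; with 2 or 3 bytes masked, that visitor shares a stored value with every other visitor in the same range.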

If you use the optional User ID then you may also choose to “Replace User ID with a pseudonym”. (When you enable this option, the User ID will be replaced by a pseudonym to avoid directly storing and displaying personally identifiable information such as an email address.)
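What a pseudonym for a User ID needs to achieve, as an added example (a general keyed-hash technique, not Matomo’s implementation): the pseudonym stays the same for one user, so visits can still be grouped, but cannot be recomputed from a guessed email address without the secret. The secret, the addresses and all function names are constructed for illustration.

```python
import hashlib
import hmac


def pseudonym(user_id: str, secret: bytes) -> str:
    """Keyed pseudonym: stable per user, not recomputable without `secret`."""
    mac = hmac.new(secret, user_id.encode("utf-8"), hashlib.sha256)
    return mac.hexdigest()[:16]


def unkeyed(user_id: str) -> str:
    """Plain hash, for comparison: anyone can recompute it from a guess."""
    return hashlib.sha256(user_id.encode("utf-8")).hexdigest()[:16]


def confirmable(stored, guesses, derive):
    """Guesses that a reader of the stored values alone could confirm."""
    return [g for g in guesses if derive(g) in stored]


# Constructed values for the example.
SECRET = b"constructed-example-secret"
USERS = ["alice@example.org", "bob@example.org"]
GUESSES = ["alice@example.org", "carol@example.org"]

STORED_UNKEYED = {unkeyed(u) for u in USERS}
STORED_KEYED = {pseudonym(u, SECRET) for u in USERS}

if __name__ == "__main__":
    # With a plain hash, a guessed address that matches a user is confirmed.
    print(confirmable(STORED_UNKEYED, GUESSES, unkeyed))
    # With a keyed pseudonym, the same guesses confirm nothing without SECRET.
    print(confirmable(STORED_KEYED, GUESSES, unkeyed))
    # The mapping is still stable, so one user's visits group together.
    print(pseudonym(USERS[0], SECRET) == pseudonym(USERS[0], SECRET))
```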

Step 2) Regularly delete old raw visitor data

In Administration > Privacy > Anonymize data, under the section “Regularly delete old raw data” you can configure Matomo to automatically delete your old raw data (old visitor logs) from the database. For privacy reasons, we highly recommend that you keep the detailed Matomo logs for only 3 to 6 months and delete older log data.

Deleting old raw data also has one other important advantage: it will free database space which will, in turn, slightly increase performance.

If you run the automatic script as explained in the FAQ, it is safe to delete your old log data and still access all historical reports in Matomo.

Step 3) Include a Web Analytics Opt-Out Feature on Your Site

On your website, in your existing privacy policy page or in the ‘Legal’ page, you can actually add a way for your visitors to “opt-out” of being tracked by your Matomo server. By default, all of your website visitors are tracked, but if they opt-out by clicking on the opt-out checkbox, a cookie ‘piwik_ignore’ will be set. All visitors with a piwik_ignore cookie will not be tracked.

In Administration > Privacy > Users opt-out, you will be able to copy and paste the opt-out form code.

The opt-out form code solution is simple to use and recommended for almost every use. You can make the opt-out look great on your website by customising the Opt-out iframe colors and fonts (text color, background color, font size, and font family).


In cases where you need to customise more aspects of the opt-out form (for example change the opt-out text itself), you can implement a custom visitor opt-out form using JavaScript.

Step 4) Respect DoNotTrack preference

Do Not Track is a technology and policy proposal that enables users to opt-out of tracking by websites they do not visit, including analytics services, advertising networks, and social platforms. By default, Matomo respects users’ preferences and will not track visitors who have specified “I do not want to be tracked” in their web browsers. For more information about DoNotTrack, check out

In Administration > Privacy > Users opt-out, under “Support Do Not Track preference” you can enable/disable Do Not Track support.

Note: tracking requests and cookies will still be created even for people who don’t want to be tracked. To prevent any requests and cookies when people don’t want to be tracked, add the following function in the JavaScript Tracking code: _paq.push(["setDoNotTrack", true]);

Finally, note that if your audience is widely using IE10, IE11, or Maxthon, then you will not track some of your audience because these older browsers have the DoNotTrack feature enabled by default for all users.

Step 5) Create a Privacy Policy page on your website(s)

A privacy policy is a statement or a legal document that discloses some or all of the ways a party gathers, uses, discloses, and manages a customer or client’s data. It fulfills a legal requirement to protect a customer or client’s privacy.

When you use Matomo to track your visitors, we recommend updating your Privacy Policy to explain how Matomo is used and what data it gathers. We provide a Privacy Policy template here for Matomo users that you can copy on your site.

Learn more about a GDPR compatible privacy policy in How to complete your privacy policy with Matomo analytics under GDPR.

Step 6) Learn about personal data regulations such as GDPR

To learn more about the privacy regulations and in particular the GDPR, please visit our GDPR User guide.

Or in Matomo go to Administration > Privacy > GDPR Overview to find details about awareness & documentation, individuals’ rights, security procedures, and data retention.

Step 7) Anonymising data that has already been tracked

If you have tracked data in the past and later realise that you tracked too much data or some personal data, you can easily anonymize the affected data using our tool to anonymize previously tracked raw data.

As part of privacy legislation worldwide including GDPR but also ePrivacy, it is often required to display a cookie banner informing users about cookies, or consent must be obtained before tracking visitors’ personal data. However there is a solution available: you can use Matomo Analytics without needing consent and without a cookie banner, by following all the steps listed in the FAQ at How do I use Matomo Analytics without consent or cookie banner?

Step 9) Anonymize Ecommerce Order ID

If you prefer not to track personal data in Matomo, you may enable “Anonymize Order ID” to avoid storing the Ecommerce Order ID number. Because an Order ID can be cross-referenced with another system, typically an eCommerce shop, the Order ID may count as personal information under the GDPR.

In Administration > Privacy > Anonymize data page in Matomo, click “Anonymize Order ID” and then click Save. When you enable this option, an Order ID will be automatically anonymized so no personal information will be tracked.

Note: if you enable this feature, in some cases duplicate orders may still be counted for page reloads.

Step 10) Optional Privacy Preferences

There is more you can consider when it comes to privacy:

  • As the Matomo administrator, you may decide that giving access to the real-time & visits log features is not necessary for your team members who use Matomo. In this case, you can disable the visits log, real-time and visitor profile.
  • If you track a number of websites with the same Matomo server, all your websites’ code will contain the Matomo server URL in the JavaScript code. To prevent other users from finding out all your websites, you can Hide the Matomo Server URL in your JavaScript using this technique (FAQ).
  • Some countries’ legislation requires websites to control which cookies they set based on user preferences. You can easily disable all Matomo cookies for particular visitors or for all visitors by calling a JavaScript function in the Matomo code; see the FAQ: How do I disable tracking cookies?
  • As a Super User, in Administration > General Settings > PrivacyManager, you can configure a “Privacy Policy” and/or “Terms & Conditions” page URL. If specified, links will be displayed at the bottom of the login page and on pages that the ‘anonymous’ user can access. If you embed dashboards and/or widgets, check “Show in embedded widgets” to have the link to your Privacy Policy and your Terms & Conditions displayed at the bottom of embedded widgets.
  • For reference, the list of metadata and data points collected by Matomo is documented here.