Stay ahead of the GDPR with powerful web analytics that respects your user's privacy

The EU’s General Data Protection Regulation (GDPR), also known as DSGVO in German, and RGPD in French, is a regulation that applies to companies, non-profit organisations, and public entities worldwide to strengthen data protection for all individuals within the European Union (EU).

Why is it important?

You can be fined up to 4% of your yearly revenue for data/privacy breaches or non-compliance, according to Article 83 of the GDPR.

How is Matomo Analytics GDPR compliant?

How can we ensure GDPR compliance:

Data anonymization
GDPR Manager
Users can opt-out of all tracking
First-party cookies by default
People can view the data collected
Capabilities to delete visitor data when requested
The data is not used for any other purposes (compared to Google Analytics)
IP anonymization
Visitor log and profiles can be disabled
Data is stored in the EU (Matomo Cloud) or in any country of your choice (Matomo On-Premise)

In addition, if you’re complying with France’s National Data Protection Commission (CNIL) rules then you’ll also need to:

Delete personal data after 25 months
Have IP anonymiser enabled
Offer Opt-out
Disable Visits log and Visitor profile
Agree not to export the RAW data to other systems like CRM or data warehouse without consent

Advantage of Matomo GDPR analytics compared to others

According to the Berlin Data Protection Office, if you’re collecting and sending data to third-party services (like Google Analytics) who use data “for own purpose uses” in Berlin, you now need to ask for specific consent from visitors in order to collect that information. This is not the case for Matomo. With Matomo On-Premise, Cloud and Matomo for WordPress, the data you collect is yours to own and work with. Matomo will never use your data for “own purposes” or any other purpose, as your data is completely yours.
The CJEU ruled US cloud servers don’t comply with GDPR. Matomo’s cloud-hosted data is stored in Europe and your On-Premise data can be stored in any country of your choosing.
Matomo encourages data anonymization. By carrying out data anonymization techniques you can avoid needing to show users a consent screen.

"Collecting data from one’s visitors is very useful, and it is possible to do so despite the GDPR, including via Matomo, the solution we have chosen. It incorporates the right to be forgotten – meaning a user wants a website to delete all the data it has collected about him or her – and the ability to choose not to be tracked at all when visiting a site. That is why we have chosen Matomo. High security, high flexibility, and we know exactly who is looking at the data collected."

Mikke Schiren | Customer Solutions Developer

GDPR Manager

Matomo offers an advanced General Data Protection Regulation (GDPR) Manager to ensure websites are fully compliant with the new regulation. As the GDPR continues to evolve, you can be assured that Matomo will be at the forefront of these changes to create a safer web experience for everyone.

This is to make sure websites are fully GDPR compliant by giving users:

✔ Right of access
✔ Right to withdraw consent
✔ Supports “Do Not Track”
✔ Right to data portability
✔ Right to object
✔ Delete historical data
✔ Right to erasure
✔ Anonymizing features
✔ Anonymize historical data

Added benefits of using Matomo

✔ 100% Data Ownership – Matomo gives you full control of your website data as you have 100% data ownership.

✔ Compliance with worldwide privacy laws – Matomo is compliant with a range of privacy laws around the world such as, HIPAA, CCPA, LGPD, and PECR.

✔ User-Privacy Protection – Matomo is trusted and used by industries that have strict compliance and data privacy regulations to ensure that their user’s privacy is protected.

✔ Reliable & Secure – Security is a top priority at Matomo. As potential issues are discovered, we validate, patch and release fixes as quickly as we can. We have a security bug bounty program in place that rewards researchers for finding security issues and disclosing them to us.

✔ Host On-Premise or on Cloud – You can breathe easy knowing both options give you full data ownership and respect for user privacy. Learn more.

"Europa Analytics is based on Matomo which is the leading open-source analytics platform that provides relevant and reliable insights into user behaviour. The data and information collected by Matomo is 100% owned and controlled by the European Commission. This guarantees compliance with strict privacy regulations and laws. Matomo is used by more than 1,000,000 websites worldwide, including large corporations, SMEs, governments & non-profit organisations."

European Commission

Personal data or personally identifiable information (PII) and GDPR

If you decide to process personal data, then it must be processed in accordance with the principles of lawfulness, fairness and transparency. It should be collected for specified, explicit and legitimate purposes, and not be processed if they don’t suit those purposes.

Here are a few steps to start with:

Step one: learn what personal data or PII is
Step two: learn about data anonymization
Step three: learn about GDPR and cookie compliance
Step four: Make your Matomo GDPR compliant in 12 steps

GDPR support and resources

We offer solutions and services to help you create a Matomo configuration that’s ready for GDPR compliance. As the world leaders when it comes to privacy and customer data, we are looking forward to providing support for our analytics platform to help you achieve GDPR compliance easily.

GDPR Resources:

Stay GDPR compliant without sacrificing powerful insights to grow you business

Matomo is a trusted and powerful all-in-one web analytics platform designed to give you the most conclusive insights to make smarter data-driven decisions.