Stay ahead of the GDPR with powerful web analytics that respects your user's privacy
The EU’s General Data Protection Regulation (GDPR), also known as DSGVO in German, and RGPD in French, is a regulation that applies to companies, non-profit organisations, and public entities worldwide to strengthen data protection for all individuals within the European Union (EU).
Why is it important?
You can be fined up to 4% of your yearly revenue for data/privacy breaches or non-compliance, according to Article 83 of the GDPR.
How is Matomo Analytics GDPR compliant?
How can we ensure GDPR compliance:
- Data anonymization
- GDPR Manager
- Users can opt-out of all tracking
- First-party cookies by default
- People can view the data collected
- Capabilities to delete visitor data when requested
- The data is not used for any other purposes (compared to Google Analytics)
- IP anonymization
- Visitor log and profiles can be disabled
In addition, if you’re complying with France’s National Data Protection Commission (CNIL) rules then you’ll also need to:
- Delete personal data after 25 months
- Have IP anonymiser enabled
- Offer Opt-out
- Disable Visits log and Visitor profile
- Agree not to export the RAW data to other systems like CRM or data warehouse without consent
Personal data or personally identifiable information (PII) and GDPR
If you decide to process personal data, then it must be processed in accordance with the principles of lawfulness, fairness and transparency. It should be collected for specified, explicit and legitimate purposes, and not be processed if they don’t suit those purposes.
Here are a few steps to start with:
Step one: learn what personal data or PII is
Step two: learn about data anonymization
Step three: learn about GDPR and cookie compliance
Step four: Make your Matomo GDPR compliant in 12 steps
"Collecting data from one’s visitors is very useful, and it is possible to do so despite the GDPR, including via Matomo, the solution we have chosen. It incorporates the right to be forgotten – meaning a user wants a website to delete all the data it has collected about him or her – and the ability to choose not to be tracked at all when visiting a site. That is why we have chosen Matomo. High security, high flexibility, and we know exactly who is looking at the data collected."
Advantage of Matomo GDPR analytics compared to others
- According to the Berlin Data Protection Office, if you’re collecting and sending data to third-party services (like Google Analytics) who use data “for own purpose uses” in Berlin, you now need to ask for specific consent from visitors in order to collect that information. This is not the case for Matomo. With Matomo On-Premise, Cloud and Matomo for WordPress, the data you collect is yours to own and work with. Matomo will never use your data for “own purposes” or any other purpose, as your data is completely yours.
- Matomo encourages data anonymization. By carrying out data anonymization techniques you can avoid needing to show users a consent screen.
GDPR Manager
Matomo offers an advanced General Data Protection Regulation (GDPR) Manager to ensure websites are fully compliant with the new regulation. As the GDPR continues to evolve, you can be assured that Matomo will be at the forefront of these changes to create a safer web experience for everyone.
This is to make sure websites are fully GDPR compliant by giving users:
✔ Right of access
✔ Right to withdraw consent
✔ Supports “Do Not Track”
✔ Right to data portability
✔ Right to object
✔ Delete historical data
✔ Right to erasure
✔ Anonymizing features
✔ Anonymize historical data
Added benefits of using Matomo
✔ 100% Data Ownership – Matomo gives you full control of your website data as you have 100% data ownership.
✔ User-Privacy Protection – Matomo is trusted and used by industries that have strict compliance and data privacy regulations to ensure that their user’s privacy is protected.
✔ Reliable & Secure – Security is a top priority at Matomo. As potential issues are discovered, we validate, patch and release fixes as quickly as we can. We have a security bug bounty program in place that rewards researchers for finding security issues and disclosing them to us.
✔ Host On-Premise or on Cloud – You can breathe easy knowing both options give you full data ownership and respect for user privacy. Learn more.
"Europa Analytics is based on Matomo which is the leading open-source analytics platform that provides relevant and reliable insights into user behaviour. The data and information collected by Matomo is 100% owned and controlled by the European Commission. This guarantees compliance with strict privacy regulations and laws. Matomo is used by more than 1,000,000 websites worldwide, including large corporations, SMEs, governments & non-profit organisations."
GDPR support and resources
We offer solutions and services to help you create a Matomo configuration that’s ready for GDPR compliance. As the world leaders when it comes to privacy and customer data, we are looking forward to providing support for our analytics platform to help you achieve GDPR compliance easily.
GDPR Resources:
- GDPR Manager user guide
- How to fill in the information asset registration when using Matomo
- How to make Matomo GDPR compliant in 12 easy steps
- How to not process any personal data with Matomo and what it means for you
- PII, personal data and GDPR. Discover what this means for your privacy
- How should I write my privacy notice for Matomo Analytics under GDPR
- Lawful basis for processing personal data under GDPR with Matomo
- How to complete your privacy policy with Matomo Analytics under GDPR
- GDPR compliance for Premium Features
- How to get your Matomo plugin ready for GDPR
- Subprocessors on Matomo Cloud (subprocessors not applicable to On-Premise)
- Privacy in Matomo
Stay GDPR compliant without sacrificing the powerful insights you need to grow you business
Matomo is a trusted and powerful all-in-one web analytics platform designed to give you the most conclusive insights to make smarter data-driven decisions.