GDPR (General Data Protection Regulation) is set to revolutionize how we process and store data in the digital age, with the aim of giving individuals more control of their personal data.
Google Analytics will act as the data processor and your organization as the data controller since your organization is in control of what data you send to Google Analytics once the Universal Analytics tracking code implementation is up and running.
This article will explore the steps Google Analytics is taking to become GDPR compliant, as well as what your business can do to make sure you too are compliant with GDPR.
What steps is Google taking?
Google recently released a statement[1] declaring their commitment to compliance with data protection laws in line with GDPR. Google went on to explain that they have measures in place relating to privacy and data processing. For a comprehensive look at Google’s processing terms, you can learn more by reading their Google Ads Data processing terms[2], which is set to replace and supersede the Analytics Data Processing Amendment[3].
Google encourages data controllers to be vigilant about how they collect and handle data. Numerous GDPR-related guides[4] online can help you to ensure you are knowledgeable about GDPR and the effects it could have on your company.
Google has updated Google Analytics with a new feature called ‘User and event data retention’. This feature allows the data controller to decide how long to store and retain data.
The feature relates specifically to data associated with cookies, user identifiers, or advertising identifiers. As the data controller, you can set a fixed time limit before expiry. You can also