Google Analytics is a tool used by digital marketers to track all sorts of useful information about their users. However, if you are relying on GA, you should know that this tool is illegal in Austria, France, Denmark, and Italy. There are alternative tools like Matamo, PostHog, Plausible, and Fathom that you can use in these territories.
If you’re using GA
make sure you disclose this in Google Analytics your privacy notice. You should also make sure that, in GDPR territories, users have the option to opt in.
Privacy, data, and de-identification
The idea of de-identified data is that it is data that is not linked to a specific user and can therefore be used for advertising purposes. It’s not always clear what data is de-identified but if it can be reunited with personal information in some way, it’s not de-identified.
In addition, when certain types of self employed data sensitive data is collected for a specific purpose (that the user agrees to), you can’t always use it for other purposes. For example, with health related data, you may collect it initially to deliver your service but then want to use it to create a research paper. Even when specific data is not disclosed, you would need to seek additional consent for that. Besides health data, sensitive data also includes banking details, biometric data, religious or sexual orientation, etc.
With each new software tool
vendor, or data use case, privacy should always be considered. Ultimately, you have final responsibility for ensuring compliance.
Data privacy ops
In every organization, it’s important to consider all the elements involved in your data privacy policy:
- Governance – Do you have someone in your team who is responsible for data privacy?
- Policies and standards – Do you have internal and external documentation that describes your data privacy policy?
- Data inventory – Do you have a list of all the means and purposes you use customer data for e.g. Custom marketing emails, etc.
- Privacy impact assessments – Do you know the privacy risks you have in your organization? (this is Google Analytics how to improve ctr in advertising a practical guide required in some territories).
- Individual rights – Do users have the option to opt in or out of data collection?
Vendor management
- – Who are your vendors and are they complying with your data privacy policies?
- Marketing consent and preferences – Are you using opt-in or opt-in? Can users opt out of specific uses and into others?
- Security – Is the data you collect on users secure?
- Training – All team members should be vietnam news latter aware of your privacy policy and new hires should be trained up on it too?
- Sustainable compliance – Compliance requirements change as new technologies come into the market. It’s important to stay on top of these and update your policy as needed.