Thank you for subscribing!

It's great to feel loved.

One Important Thing You Can Do Now Before the Arrival of GDPR

With GDPR coming into force on May 25, there are quick ways to check whether your Analytics is potentially storing personal information.

If you are using Google Analytics, there’s a big chance you are storing Personally Identifiable Information (PII) in your company’s analytical data.

Although Google Analytics prohibits sending any PII to Analytics such as names, social security numbers, email addresses, or any similar data, there are still many cases when these terms are (often unknowingly) defied.

A painfully often example is when client’s email address is being saved in URLs because at some point password reset was incorrectly set up by your dev department (or that freelancer you got over at Fiverr).

The consequences of noncompliance can get pretty serious - from the removal of your analytics data to getting on Google’s blacklist and the ban on your account.

If you have ignored it until now, today is the right time to start thinking about it.

Why?

Four letters - GDPR.

GDPR.. what??

The General Data Protection Regulation (GDPR) is a new and complex data regulation that comes into force on May 25, 2018.

GDPR is due to set new high standards for companies that collect and store personal information on the citizens of European Union (EU).

Designed to protect and give me more power to protect personal data, it will require some major changes to how companies treat Personally identifiable information (PII) from both their customers and employees.

If you are based outside the EU, GDPR still applies to you if you serve European customers or have offices in the EU.

Non-compliance consequences are a bit more serious here too - from a $20M fine (or a fine equalling to 4% of company’s worldwide turnover) to a bankruptcy.

Good news is that May 25th is still a couple of months away. Organisational preparation, the change of contracts, cookie policy updates and even the appointment of Data Protection Officer - all need to be done, so your hands will definitely be full.

But before that, there are a few small steps you can take now to get a reality check with your Google Analytics data.

Let the checking begin!

There are some basic checks you can do now in your Google Analytics account in preparation for GDPR. By doing these simple searches you will be able to tell right away whether you are unknowingly sending PII data to Analytics.

You want to be looking for things like:

  • Full name (if not common)
  • Home address
  • Email address
  • Date of birth
  • Telephone number
  • Credit card numbers

There is an extensive list here that details various PII.

So, ready for some checks?

Behavior data

  1. Head to your Google Analytics account and select Behavior tab.
  2. Select Site Content / All Pages.
  3. In the filter field, just below the chart, enter @.
  4. Make sure you have selected a longer date range - last 6 months for example.

How to know if your website stores personal data?

Note what search results are returned. If they have URLs starting similarly to /forgot-password?email=name.surname@mailprovider.com, it’s a sign that you are already sending some PII data to Analytics.

Repeat the same steps but instead of @ use other PII indicators like First Name + Last Name of some of your subscribers or clients. You can get a lot of ideas for PIIs to use for a checkup from your CRM database.

After you’ve done with All Pages, head to Events / Top Events, and repeat the process.

Audience data

  1. In your GA account, go to Audience / User Explorer.
  2. Use Show rows to open as big the list as you can.
  3. Click the good old CTRL + F (CMD + F for Macs) and enter @.

How to find PII in your Google Analytics Audience data

Repeat the same steps for other PII touch points.

You will need to do the same steps for the following data:

  • Audience / Custom / Custom Variables
  • Audience / Custom / User Defined
  • Custom Dimensions

How to know if your Google Analytics account stored PII data

Acquisition data

  1. Now head to the acquisition section, to All Traffic / Source/Medium
  2. In the filter field, just below the chart, enter @.
  3. Repeat the search for other PIIs

How to look for PII data in your Google Analytics account

E-commerce data

Do the same process for the ecommerce data:

  1. Conversions / Ecommerce / Product Performance (note there are several tabs for the primary dimension - Product SKU, Product Category, Product Brand - make sure to check all of them)
  2. Conversions / Ecommerce / Sales Performance

How to look for PII in your GA Product data report

Don’t forget to take precautions

Yes, the checking requires manual work and your dedication. A lot of it.

And even when you find the issues, and get your dev team to fix them, it’s very likely that after an update to your website or an update release to your app, the problem crawls out again.

So it’s essential to have your analytics monitored 24/7. Ok, maybe not so drastically, but you need to have regular checks to make sure no PII data is being sent to Analytics.

It’s no surprise that a lot of experts suggest getting own Data Protection Officer to your teams to make sure that the new regulation is taken seriously.

Don’t wait till May 25, and start preparing today.

 

Giedre
Written By Giedre
whatagraph
How to Expand Your Social Media Reach With Instagram Stories
Good engagement rates are hard to find on social media. Most marketers understand that Facebook’s organic reach is all but gone. Twitter isn’t as effective as it was a few years ago. LinkedIn is still viable, but due to the changes LinkedIn made to Groups, it’s not as useful for driving engagement as it once was. Pinterest still works, but it’s not for everyone.
whatagraph
10 Proven Ways to Get Better Results from Google Ads
Want more results from your Google Ads account - without investing tons of time and resources? See our ten proven best practices for squeezing more ROI from every click you pay for.
whatagraph
7 Must-Hear Talks at the Brand Marketing Summit in San Francisco
Your current marketing strategies are not working out the way you planned to? Are you hungry for some new ideas in the marketing sphere? Then, the Brand Marketing Summit in San Francisco is the right place to be!
The volume of data available today is astonishing. Knowing how to use it wisely can really boost the growth of your business. Failing to use it to your advantage, on the other hand, can mean finding yourself behind your competitors or even becoming obsolete.
Read more...
Wendy
1 day ago 5 min read
To explain what ROMI is, we first need to take a look at what ROI is. ROI, or Return on Investment, is a much simpler equation. In a nutshell, it calculates how much money has been invested and, then, what you've earned through this investment. It's a relatively crucial strategic metric for many things. For one, it could be used to decide whether to partner with a new supplier or whether a particular product is working particularly well.
Read more...
Wendy
1 day ago 5 min read
Client-agency relationships can be challenging. Sometimes they work beautifully, and sometimes... Well, everyone’s heard agency horror stories. And client horror stories, too. While it may be difficult to pinpoint the exact motives why a certain client chooses to fire a certain ad agency, here are some of the most common reasons.
Read more...
Pam Neely
3 days ago 6 min read