Google Analytics: we ignored Data Retention Controls email but it insists on Data Processing Terms
Last Update: May 23, 2018
There were TWO google analytics updates. There has been some discussion at WA already on the google analytics Data Retention Controls review and it was concluded by most people that we didn't have to do anything except ignore those emails - fine. Unless you have a personal preference already on all that.
Google is sending out more than one update
However notice that not all the google update emails were on the same subject, they have another GDPR update in circulation at the same time concerning Data Processing, different from Data Retention, and we can't ignore the Data Processing one it seems. I've a link to the training walk through at the bottom of this blog.
Google putting the work on the people
There are some very interesting articles on how google is throwing all of this onto us to do ourselves when really they should be doing it especially since they are the main collectors and users of the data too and they are creating a lot of uncertainty and chaos out there.
- This one explains why european businesses are seeking new optins
- This one explains where you can access the Data Retention Controls setting [if you really want to, this is the Admin Property Settings route which is why people can get a bit lost when they go to do the other Data Processing Terms update in Admin Account Settings]
- And it also has a bit of a laugh at the cheek of Google to be putting it's work on other people and giving people a bunch of tools they've no idea how to use.
If you scroll down to the bottom of that article you will see 13 comments where American website owners discuss the changes they do or do not have to make because of this 'Data Retention Controls' email they sent us.
Some interesting things that come up in the comments:
- The default setting for retention of data is 26 months if you don't change anything.
- US website owners were the ones discussing these things! Yet there remains a lot of confusion among US members as to whether they should take note of GDPR.
- Major confusion with some people worried and choosing the lowest data retention setting, others leaving as is, others wanting to leave it longest possible and then the chilled WA members who concluded 'ignore and no action required' lol, eg the comments on Patsy's blog https://my.wealthyaffiliate.com/patsyc/blog/important-google...which I'm saying is fine on data retention but don't ignore all google emails, they are not all on the same subject and the data processing one does need some attention.
Conclusion: Your GDPR Checklist
1. Google analytics, do the walk through and if Review and Accept amendment to the Data Processing Terms comes up then you click and go through.
Here is the walkthrough on the steps for Data Processing Terms update.
2. Data Retention Controls, likely nothing we have to do.
4. In this blog I show what some people are doing in terms of re-subscribe to list, double optins, plugins, and the definition of personal data where simply a name and surname fits the definition of what they are now protecting with GDPR 'general data protection regulations'.
5. If you've any thoughts or ideas or contributions leave them or your links below.
Basically to remember that the legislators have confused everyone and many people are selling information to make a quick buck on the back of that, the average blogger should not have to get legal advice, but demonstrate a genuine effort to cover your ass, like everyone else, imo.
Update: since this post I've had time to wade in the official GDPR websites and have written up a summary of GDPR action steps here https://my.wealthyaffiliate.com/mozmary/blog/summary-of-gdpr...
ps notice a lot of hype about anonymization of IP address in Google Analytics, however Privacy by Design means this is google's job and not ours, they can anonymize european IP addresses at the back end instead of forcing all of us to take advanced training in GA or buying silly premium plugins that are unnecessary. Also, GDPR allows us to use what is necessary, we do not need explicit consent for everything, just to be open about it.
See more comments