Here's a quick walkthrough of the update all website owners have to perform in their Google Analytics to review/accept the amendment to the data processing terms for GDPR compliance AND provide their contact details, before May 25th. *This is different from the Data Retention Controls that google sent out which people could ignore.*
This is real easy but myself and another WA member Philip just went through it and we both managed to take a couple of wrong turns along the way so here it is with signposts!
You will see the mandatory email google analytics sent us has a step 1 and 2:
Step 1: Review and accept the updated data processing terms in each account for each product you manage in the Google Analytics Suite
Step 2: Provide your legal entity and contact details for notifications we may need to send under the GDPR
I will walk you through the steps involved here and include a full copy of that email sent to us by google analytics at the end of the tutorial for reference.
*Note this is for regular google analytics as well as their 360 suite, the email heading has their colorful 360 suite logo on top but in the small print you'll see analytics and 360 follow the same path here.
**For those in America and Canada I'm hearing a couple of people say google analytics sent you the Data Retention Controls review for adsense email but maybe not this email for Amendment to Data Processing Terms - in their small print on the contact details page during step 2 it does say it applies to 'those outside the EEA where the GDPR reaches' which is anyone with European traffic. When you go through the steps it will update.
Next page Step 1.1 of Review and Accept the Amendment to the Data Processing Terms for GDPR
Join the Discussion
PhilipC1
Premium
I FINALLY got through all of this. OMG! Hate this rubbish. Anyways, what steps do websites have to go through Mary if they have Google Adsense ads on their website?
Adsense asking me for gather consent from people inside the EU either as personalized or non-personalized ads.
I don't see training on this.
Also, I have to make my users aware of the 200 potential advisers that wold be handling their data - do I copy and paste that list into Privacy Policy?
Anyways, still come confusion on this.
EU COOKIE LAW - CHECK!
PPP UDATED - CHECK! - But I think I need add those sites and let others know that those other sites from adsense may collect their data, and them agreeing to this, is my sites responsibility and that they must refer to each advertisers ppp - or something.
As well, when the ads are served to my audience, I imagine a pop up should appear for them to accept - whihc one - another plugin?
Thanks Mary and this was very helpful but need some more little data on Adsense GDPR Compliance, that I can see - or I am just being thicck agani haha. I looking online for the exact steps as well I need to do for Adsense ads for those in the EU to be up to this code.
Thanks again,
Philip.
Adsense asking me for gather consent from people inside the EU either as personalized or non-personalized ads.
I don't see training on this.
Also, I have to make my users aware of the 200 potential advisers that wold be handling their data - do I copy and paste that list into Privacy Policy?
Anyways, still come confusion on this.
EU COOKIE LAW - CHECK!
PPP UDATED - CHECK! - But I think I need add those sites and let others know that those other sites from adsense may collect their data, and them agreeing to this, is my sites responsibility and that they must refer to each advertisers ppp - or something.
As well, when the ads are served to my audience, I imagine a pop up should appear for them to accept - whihc one - another plugin?
Thanks Mary and this was very helpful but need some more little data on Adsense GDPR Compliance, that I can see - or I am just being thicck agani haha. I looking online for the exact steps as well I need to do for Adsense ads for those in the EU to be up to this code.
Thanks again,
Philip.
Reply
MozMary
Premium Plus
I don't use adsense but I see how other sites in Ireland are handling it and they are just making things crazy complicated for the user experience - for example they have a plugin that gives us a choice to accept or not, and if not then we can manually uncheck each of the 200 advertisers - which I've gone in and done as a visitor to national website and they never explain why, what difference it makes, it is a wasteful exercise that does not give the user any protection because those sites already have us, and most sites either force acceptance or tell us to hoppit [not quite legal but practical] or they block europeans [I'd rather be followed by adsense than blocked]
So really it is a question for Kyle on the open dashboard and if something is necessary then it's for Jay's training, though he doesn't use adsense himself.
Whatever the proper interpretation of GDPR and 'sensitive data' it appears adsense has specific requirements and they should be met clearly in the WA training imo.
So really it is a question for Kyle on the open dashboard and if something is necessary then it's for Jay's training, though he doesn't use adsense himself.
Whatever the proper interpretation of GDPR and 'sensitive data' it appears adsense has specific requirements and they should be met clearly in the WA training imo.
PhilipC1
Premium
Thanks Mary.
I was looking into all of this today. All day!
Gezz, anyways - seems we have to sign up for a Google Tag Manager Account (its free) which I did.
THEN we have to get site support to install two codes in our sites.
1 in <h> - very very top, and one IMMEDIATELY after the <body> tag.
After that nonsense then we have to go into the tag and mess around to ad our Google Analytics Code.
THEN! we have to set to ANONYMIZE IP ADDRESSES of our traffic. So, it appears, it just removes the last three digits of anyones ip address so that data is not sent to Google.
Now, we have to go back to Google Analytics and I believe we have to turn off Remarketing and Advertising Report Features.
Now, we have to go to our Adsense and set it to auto-ads and non-personalized ads.
OK, now - I THINK - we have to go back to Google Analytics and find out if we are sending Google anymore data that is considered private - I dont' know, 'timestamps', user emails, names - I am not 100% sure how to check for that but currently looking into it.
I would like to make an effigy of GDPR - set it alight - and send it to hell...
Edited....
Also, if we use a recaptcha plugin (Google Inc product) on our sites then people consent for their data to be processed as laid out in our ppp.
So about the 200 sites thing, We don't have to list them. Just tell users how info is collected and used by Google, Adsense etc.
I can't take credit for this data - I had huge help from a long term WA member.
Edited, again.
So, it seems we need a plugin called Monster Insights. Once installed you will need to authenticate using your G+ account.
Once done then you need to install Google Analytics Opt Out Plugin.
Once installed then you need to some other stuff - here is a link that will walk you through it https://www.monsterinsights.com/docs/how-to-make-google-analytics-opt-out-links-with-monsterinsights/
Basically, you will end up with a banner strip on the bottom of you site showing an opt out option.
Then update ppp and create or update cookie policy page.
That then I think is all done.
I was looking into all of this today. All day!
Gezz, anyways - seems we have to sign up for a Google Tag Manager Account (its free) which I did.
THEN we have to get site support to install two codes in our sites.
1 in <h> - very very top, and one IMMEDIATELY after the <body> tag.
After that nonsense then we have to go into the tag and mess around to ad our Google Analytics Code.
THEN! we have to set to ANONYMIZE IP ADDRESSES of our traffic. So, it appears, it just removes the last three digits of anyones ip address so that data is not sent to Google.
Now, we have to go back to Google Analytics and I believe we have to turn off Remarketing and Advertising Report Features.
Now, we have to go to our Adsense and set it to auto-ads and non-personalized ads.
OK, now - I THINK - we have to go back to Google Analytics and find out if we are sending Google anymore data that is considered private - I dont' know, 'timestamps', user emails, names - I am not 100% sure how to check for that but currently looking into it.
I would like to make an effigy of GDPR - set it alight - and send it to hell...
Edited....
Also, if we use a recaptcha plugin (Google Inc product) on our sites then people consent for their data to be processed as laid out in our ppp.
So about the 200 sites thing, We don't have to list them. Just tell users how info is collected and used by Google, Adsense etc.
I can't take credit for this data - I had huge help from a long term WA member.
Edited, again.
So, it seems we need a plugin called Monster Insights. Once installed you will need to authenticate using your G+ account.
Once done then you need to install Google Analytics Opt Out Plugin.
Once installed then you need to some other stuff - here is a link that will walk you through it https://www.monsterinsights.com/docs/how-to-make-google-analytics-opt-out-links-with-monsterinsights/
Basically, you will end up with a banner strip on the bottom of you site showing an opt out option.
Then update ppp and create or update cookie policy page.
That then I think is all done.
MozMary
Premium Plus
well you and/or the other member could do a training out of that if you like
thing is, it's only about satisfying adsense at this point, as most of what's happening is nothing to do with gdpr, only wild interpretations of it
So you seem to present two solutions to adsense above:
1. annonymizing ip addresses in GA, and you seem to be saying that requires sitesupport? I always thought GA itself should be doing that, or offering us an easy solution - they are supposed to build it into their practice. Also on our SEO there's an annonymize IP address that no one explained to me, had wondered if we could just press that?
2. your second option seemes to be a recaptcha plugin? getting people to accept everything in your privacy policy - I'm seeing people do that but it's not quite legal, no one is looking closely and no one cares - on the one hand if something is necessary to the running of your site then you can do it - on the other hand you have to allow people to say no, and a lot of sites out there are making us accept their pp - bottom line it's all crap, nothing to do with the spirit of the law which is protect sensitive data - but then who is watching those 200 advertisers, are they behaving themselves?
There's a bunch of different approaches out there, any effort will be a cya effort, it's just about getting adsense to leave you alone imo
monster insights - premium or free? must admit I don't like all the extra plugins, legally it's supposed to be 'privacy by design', so GA should be carrying the can and so should adsense and so should the advertisers...
thing is, it's only about satisfying adsense at this point, as most of what's happening is nothing to do with gdpr, only wild interpretations of it
So you seem to present two solutions to adsense above:
1. annonymizing ip addresses in GA, and you seem to be saying that requires sitesupport? I always thought GA itself should be doing that, or offering us an easy solution - they are supposed to build it into their practice. Also on our SEO there's an annonymize IP address that no one explained to me, had wondered if we could just press that?
2. your second option seemes to be a recaptcha plugin? getting people to accept everything in your privacy policy - I'm seeing people do that but it's not quite legal, no one is looking closely and no one cares - on the one hand if something is necessary to the running of your site then you can do it - on the other hand you have to allow people to say no, and a lot of sites out there are making us accept their pp - bottom line it's all crap, nothing to do with the spirit of the law which is protect sensitive data - but then who is watching those 200 advertisers, are they behaving themselves?
There's a bunch of different approaches out there, any effort will be a cya effort, it's just about getting adsense to leave you alone imo
monster insights - premium or free? must admit I don't like all the extra plugins, legally it's supposed to be 'privacy by design', so GA should be carrying the can and so should adsense and so should the advertisers...
Isabella4198
Premium
Thanks MozMary. Does this apply to me, I am in the US and I do not promote products outside of US.
MozMary
Premium Plus
GDPR does apply to the US and other non-european countries, because traffic is global including europe for most websites
go into your analytics admin and follow through, if those instructions are there then click them - if they are not then let us know
All of their instructions were a bit muddy, so on the page where we fill in contact details they say 'all european economic area AND anyone the regulation reaches' see how muddy that is - because GDPR reaches everyone, yet they did not commit themselves
if there is a button in your analytics asking you to accept then do it, if not then fine - but go in and look
go into your analytics admin and follow through, if those instructions are there then click them - if they are not then let us know
All of their instructions were a bit muddy, so on the page where we fill in contact details they say 'all european economic area AND anyone the regulation reaches' see how muddy that is - because GDPR reaches everyone, yet they did not commit themselves
if there is a button in your analytics asking you to accept then do it, if not then fine - but go in and look
MozMary
Premium Plus
phakacha8
Premium
MozMary,
Thank you so much for taking your time to make this tutorial very simple and clear.
By the way, I've not done anything for the GA 360 Suite for fear of falling into errors.
You may kindly do one for beginners in your next tutorial.
Thank you so much for sharing this useful stuff on GDPR Acceptance.
Cheers!
Thank you so much for taking your time to make this tutorial very simple and clear.
By the way, I've not done anything for the GA 360 Suite for fear of falling into errors.
You may kindly do one for beginners in your next tutorial.
Thank you so much for sharing this useful stuff on GDPR Acceptance.
Cheers!
MozMary
Premium Plus
This is the beginners version, the regular google analytics.
The email they sent out has 360 suite on it but also analytics in the same pathway
if you just follow the login to all website data and admin you'll navigate to the update agreement
The email they sent out has 360 suite on it but also analytics in the same pathway
if you just follow the login to all website data and admin you'll navigate to the update agreement
