Choosing a bulletproof web analytics solution

Well, to start with it is clear that the ban of Google Analytics is not an isolated case. Other recents GDPR infringement cases are the court ruling of banning the Google Font API and the banning of the IAB’s so called Transparency and Consent Framework.

With the recent enforcement of the GDPR you cannot expect the internet modus operandi to continue as the 18oo century wild wild west where lack of regulations and protection of the individuals favoured the strongest parties. No names mentioned.

So, getting back to the selection of a future proof web analytics solution for your company. There are 4 questions we used to guide us to find the right platform. They are formulated based on GDPR compliance and the need to know principle. Not nice to know, which is tempting, but a pitfall when it comes to data privacy and sustainability.

Do we need to track individuals to

• understand which content is consumed?

• understand how our digital platform is being used?

• serve them individual targeted content or products?

• serve them relevant ads?

If the answer is yes to any of the above, you have more analytics solutions to choose from, for now, but also a lot of compliance issues and customer consent management to take care of.

In our case our assumptions and reasoning was that:

• If the customer journey on our website or in our ad platform reveals that parts of it are not consumed by the vast majority of the visitors, it is not relevant enough and needs rework.

• We need to streamline and simplify everything we develop, piggybacking on the expectations our customers have from modern internet platforms. In other words, streamline for the masses, not the needs of unmanageable micro segments.

• Serving relevant ads is our business, and you do not need personal data to do that.

After investigating and discussing it we threw out Woopra. Which at the time of investigation, used the EU-US privacy shield as legal basis, which seemed odd as it is an invalidated framework, and replaced it with Fathom and MouseFlow. They both share the same characteristics of being cookie-less anonymous analytics tools. And importantly, they are “EU isolated”, meaning that if you have your account created in the EU, your data is processed, stored and under EU jurisdiction only.

Having said that, it is important to remember that it is your responsibility as data controller (owner of the data) to ensure you are not collecting unconsented personal data to begin with, but with these kinds of analytics tools, a lot of the GDPR compliance comes out of the box.

Happy insight!