Compliant online tracking | how to track users on your website without breaking the law | cookiebot

Try our free compliance test now to check if your website’s use of cookies and online tracking complies with the GDPR/ePR Directive.

The test also shows what data your site processes and what third-party vendors it shares it with, a requirement of the CCPA.

Updated on 9. December 2020.

Website tracking is a common practice for most websites.

Tracking user behavior can tell you how your website is performing and whether your ad campaigns are reaching their target audience.

But the privacy of end users cannot be ignored.

In fact, the main data protection laws (GDPR, the ePrivacy Directive, CCPA) require that you only perform those types of user tracking that are in full compliance with strict consent and privacy obligations.

Cookiebot has made it easy and automatic to figure out how to do compliant website tracking – we call it plug-and-play compliance.

Read more about how Cookiebot makes your website compliant and how integrating Cookiebot/Google Consent Mode makes your website tracking completely legal without losing data.

Brief Summary

What is website tracking?

Website tracking refers to the tracking of movements, Interests and of Behavior of people on the Internet, mostly through the use of Cookies and others Website trackers.

Website tracking works through the Collecting and processing data – Often personal data – from users, to give you important insights about the performance of your domain or the the reach of your advertising campaign to provide.

You must obtain explicit, prior consent from end users for your web tracking to be compliant with the GDPR.

Different Website tracking tools Can be used to collect different types of data for different purposes, ranging from information about users (gender, age, location, search and browsing history) all the way to Information about how, how users interact with your website (what they click on, what they scroll past, how they got to your website, and where they go afterwards).

Popular website tracking tools (such as Google Analytics, Crazy Egg, and Clicky) make it easy to perform smart and comprehensive user tracking on your domain, but these are only legal if you run them on your website in compliance with end-user privacy requirements under data protection law.

Is website tracking legal?

In a nutshell, your website tracking is only legal if you take care to protect the End user privacy protection in accordance with the Data protection law applicable in the user’s region ensure.

Tracking website users in the EU is only legal if you ask for and get their explicit consent (among other requirements) before enabling non-required cookies and website trackers on your domain.

The same is true for tracking users in Brazil and users in South Africa.

Website tracking of users in California is only legal if you inform them what types of data you collect, for what purposes you collect it, with whom you share it, and allow visitors to opt-out of your website tracking practices altogether.

Scan your website for free with Cookiebot to see where in the world your users are and what cookies and website trackers are being used on your domain.

You must obtain explicit, prior consent from end users for your web tracking to be compliant with the GDPR.

Website tracking that freely collects people’s personal and sensitive data without regard for their privacy, is not only illegal, but also unacceptable for your website to.

A growing public awareness of privacy issues has led even the world’s largest technology company, Google, to overhaul its core services based on consent, and to redirect the entire advertising industry to a fairer and more privacy-focused Internet, where collecting people’s personal and sensitive data freely and without regard for their privacy is not only illegal, but also unacceptable for your website.

True end-user privacy becomes a measurable measure of how users rate websites, just as consumers rate their goods based on food and safety standards.

Yet – for many website owners and operators, it is a difficult and time-consuming task to comply with the EU’s General Data Protection Regulation (GDPR) or California’s Consumer Privacy Act (CCPA).

Compliance has also often resulted in your website being Loses web tracking data and important insights into your domain’s performance.

If users z.B. From the EU do not give their consent to website trackers on your domain, it is these Not allowed to enable and collect user tracking data, and you are left in the dark about important performance and ad reach statistics that could benefit your site and ultimately your users.

This is not a good solution for anyone…

End-user privacy is paramount to a free and fair internet of the future, but data-driven website tracking analytics and the adtech economy are in large part funding the free internet as we know it today.

There must be a balance, that works for both the end user who is tired of their privacy being violated, and for you who wants to see what is happening on your website.

And there is..

Cookiebot and compliant website tracking

Plug-and-play compliance for your website and its user tracking

Cookiebot is the world’s leading consent management platform (CMP) that brings plug-and-play compliance to your website without requiring manual implementation or on-site support.

Cookiebot was launched in 2012 with the goal of finding a balance between true privacy and compliant user tracking on your domain.

Cookiebot is fully automated and built around a powerful website scanner built around a cookie detection engine that detects all cookies and similar website trackers on your domain, and granular consent of your end-user controls.

Logo banner powered by Cookiebot by Usercentrics

You must obtain explicit, prior consent from end users to ensure your web tracking is compliant with the GDPR.

Cookiebot is designed to strike a balance between data protection and website tracking, so that you can gain important knowledge and insight into the performance of your domain and business, while end users online enjoy real and thorough protection of their personal data and privacy.

Cookiebot ensures your website complies with important data laws such as the EU’s GDPR, California’s CCPA, Brazil’s LGPD, South Africa’s POPIA, and other laws.

Try Cookiebot for free for 30 days – or forever if you have a small website.

Google Consent Mode and Cookiebot

How to track user activity on your website compliantly and without data loss

Tight partnership integration between Cookiebot and Google Consent Mode allows your website to get the best of both worlds – end-user privacy without losing valuable website tracking insights.

With Google Consent Mode, you can control all Google services on your website (z. B. Google Analytics, Google Tag Manager) Based on the consent of the end user Execute.

Using Cookiebot with Google Consent Mode gives you true cookie control and compliance, as well as streamlined use of all your website tracking tools from Google in one simple solution – you get aggregated, anonymous website tracking without cookies when users do not consent to website tracking tools.

Google Consent Mode gives you non-identifying website tracking data when users opt out, including –

  • basic measurements
  • Modeling data
  • timestamp of visits
  • User-Agent
  • Referrer
  • information about the user’s navigation

Compliant tracking without cookies and without losing important data with Cookiebot and Google Consent Mode.

Cookiebot’s tight integration with Google Consent Mode means a All-in-one solution for compliance purposes and Overarching control Of your website tracking tools in a fully automated way, without you having to do anything beyond plug-and-play implementation.

Try Cookiebot for free for 30 days – or forever if you have a small website

Logo banner powered by Cookiebot by Usercentrics

Website tracking, in detail

Website tracking is a popular way to get information about your users, and it’s legal as long as you make sure all relevant privacy requirements are met and respected before tracking users.

Let’s take a closer look at, how website tracking works, how you use a compliant balance can find between web tracking and end user protection, which is the Most popular website tracking tools nowadays – and how you can use it compliantly.

How website tracking works – website trackers and cookies

Website tracking online works via Cookies and similar website trackers on your website.

cookies and website trackers work by store themselves on the user’s browser, when they land on your website.

Once stored on their browser, they collect information about the user, used to measure their visit, recognize them on repeat visits, track them across all browsers and devices, and monitor their interests and behavior in general.

If you use website tracking software on your website, the software will Third-party cookies, Which are activated when a user lands on your website and starts collecting personal data about them.

Did you know?

99% of cookies used on the Internet for web tracking and for the purpose of targeted advertising to users.

72% of cookies, that are placed on your website, so-called Trojan are loaded by fourth parties, often hidden in other cookies.

In addition, 50% of Trojans switch between user visits, making them difficult to detect for website owners and operators without deep-scanning technology.

Personal data collected as part of your user tracking is protected and must be handled accordingly.

Most third-party cookies from website tracking software use a variant of a unique ID, which can recognize the individual user on the Internet when they move from news websites to online stores and to your website; this collects detailed data about their movements, preferences, search and browser history, and many other things.

But – and this is important – the majority of the data that cookies and website trackers collect is personal data!

Personal data is protected in the EU by the General Data Protection Regulation (GDPR). Among their requirements for websites is the requirement to, Before enabling website tracking cookies, that collects personal data Asking and obtaining consent from the end user.

Personal data/information is also protected by the CCPA in California, LGPD in Brazil and POPIA in South Africa, among others. So if you have users from any of these places, your website tracking needs to be calibrated to ensure compliance.

Website tracking and compliance

What do data protection laws say about website tracking??

If you have a website that tracks users, or if you want to start tracking users, the first thing you need to know is where in the world your website users are located.

Now, the location of end users determines, Which privacy law for online collection and processing of personal data through your website’s tracking.

If you have users from, say, the EU, regardless of where in the world you and your website are located, you need to be aware of the General Data Protection Regulation (GDPR) and its requirements for consent and other privacy obligations.

Try Cookiebot for free for 30 days – or forever if you have a small website

GDPR and website tracking

Website tracking in compliance with the GDPR is based on three things –

  • Explicit consent from end users prior to tracking
  • Comprehensive information about and transparency regarding your tracking practices
  • Securely store and document end user consents

To track website users from the EU, they must agree to your website tracking.

Website tracking in accordance with DSGVO using Cookiebot

Website tracking of EU users is only legal if their prior consent is obtained.

This consent must freely are given (d.h. not forced or as a condition of services) and it must be granular be (d.h. users must be able to give consent to one part of the website trackers and not to another part).

Your commitment to informing your users means that you must tell them –

  • What types of personal data your website tracking tools collect
  • For what purposes you collect personal data
  • who you send personal data to
  • Which third parties you share personal data with
  • Which website trackers are used to collect data (e.g.B. Cookies) to collect and process, including detailed data about their technical characteristics

This information must be provided in a way that allows users to give their consent to d.h. they must not be provided later or buried in a difficult legal text.

Users must know all the details about your web tracking practices before they can give informed, compliant consent to.

If a user consents to website tracking on your domain, you must have that consent document and store securely.

Consent must also be renewed every 6 to 12 months, in accordance with relevant national privacy policies.

Personal data under the EU GDPR includes –

  • Name, location, email, address,
  • IP addresses, search history, browser history,
  • Purchase history, credit information, preferences and settings,
  • Inferences about sexual orientation, political beliefs, religious beliefs

Website trackers that collect and process any of the above do not need the Explicitly consent to end users before they can be enabled and used for website tracking.

Cookiebot automatically makes your website tracking compliant with DSGVO. Our plug-and-play compliance solution includes a powerful cookie scanner that detects and controls all website trackers and processes all end-user consent forms.

Use Cookiebot with Google Consent Mode to make your website tracking compliant – and without losing valuable insights about your website’s performance.

Try Cookiebot for free for 30 days – or forever if you have a small website.

CCPA and website tracking

If you have California users, California’s statewide Consumer Privacy Act (CCPA) applies to your website tracking – but only if you meet its definition of an entity.

Conformity in the use of website analysis tools with Google Consent Mode and Cookiebot

Website tracking in California is legal if users have the option to opt out on your website’s landing page.

The CCPA does not require you to obtain end-user consent before tracking users, but it does require you to provide the same transparency regarding your website tracking practices as the EU’s GDPR, including –

  • What types of personal information you collect
  • For what purposes you collect this personal information
  • Who you share this personal information with

California end users must be able to opt-in via a link"Do not sell my personal data" Opt out of having your web data collected on your website’s landing page.

If users click on this link, you will no longer be allowed to track their personal information.

Personal information under the California CCPA includes –

  • Name, location, email, address,
  • IP addresses, search history, browser history,
  • Purchase history, credit information, preferences and settings,
  • Inferences about sexual orientation, political beliefs, religious beliefs

If your website processes any of the above information via cookies and website trackers, users must be informed of this in detail and also have the opportunity to opt out of having their data collected and shared by third parties.

Cookiebot makes your website tracking automatically CCPA compliant.

Our plug-and-play compliance solution provides the necessary transparency in the processing of your personal data and includes the required "Do not sell my personal data" link on your website.

Use Cookiebot with Google Consent Mode to make your website tracking compliant – and without losing valuable insights about your website’s performance.

Try Cookiebot for free for 30 days – or forever if you have a small website.

Website tracking in Brazil and South Africa

Users from Brazil and South Africa are also protected by data privacy laws closely aligned with the EU’s General Data Protection Regulation (GDPR), and have enforceable consent and transparency rights, just like users in the EU.

Compliance with Cookiebot for legal website tracking data

Tracking users in South Africa and Brazil is also protected by national data protection laws.

Compliance with Brazil’s LGPD or South Africa’s POPIA is a necessity if you have users from these countries.

Website Tracking Tools

How to ensure full compliance when user tracking on your website

Website tracking tools and software are numerous and popular, offering different insights from different types of data that you can choose from depending on what works best for your specific website and online business.

Here’s a list of the most popular website tracking tools and a breakdown of how to use them to comply with regulations.

Some of the most popular website tracking tools include

  • Google Analytics
  • HubSpot
  • Clicky Analytics
  • Crazy Egg
  • Kiss Metrics

Website Tracking Tools: Google Analytics

When it comes to website tracking, Google Analytics is by far the most popular tool on the web, used by many millions of websites around the world.

Google Analytics is free and provides you with all the basic and detailed insights into your website’s performance, such as. B. Number of visits, sessions, bounce rate, click rate, as well as data about your end users (z. B. Location, devices, age, etc.)

Policy compliant website analytics tools with Google Consent Mode and Cookiebot

Google Analytics website tracking data to measure the number of visitors to a website.

By using Google Analytics, a third-party cookie from Google named _ga Set on your end users’ browsers, which is used to measure and distinguish between users. This cookie, which expires after two years, Contains a unique ID, capable of tracking website users across the internet.

Using Google Analytics as a website tracking tool therefore requires the consent of EU users before activating it and a Notifying California users at the time of collection.

With Cookiebot and Google Consent Mode, you can have Google Analytics run in full compliance with the EU GDPR and its end-user consent requirements.

Cookiebot and Google Consent Mode allow your website to perform tracking without cookies if end users do not consent to the website trackers required for normal, personalized tracking – all in full compliance.

Try Cookiebot for free for 30 days – or forever if you have a small website.

Website tracking tools: HubSpot

HubSpot is also an extremely popular tool for website tracking and inbound marketing administration. HubSpot is available in both free and paid versions. Like Google Analytics, HubSpot lets you track visitors and get detailed information about how they behave on your domain, including traffic and conversion analytics, social media ad campaign reach, and more.

HubSpot and Cookiebot for compliant website tracking

HubSpot website with data visualizations for tracking data.

By using HubSpot as a website tracking tool, several third-party cookies are set on your end user’s browser, including the _hstc cookie (responsible for collecting data such as timestamps on visits, sessions) and the _hubspotutk-cookie, that determines the identities of users with an opaque GUID (similar to a unique ID).

Both cookies have a Runtime of 13 months.

HubSpot’s use on your website sets third-party cookies that are used for your website’s performance Not required are, and therefore requires the explicit and prior consent of users in the EU and to transparently notifies users in California, Before any collection, processing and sharing of the information may take place.

Website tracking tools: Clicky

Clicky is another popular website tracking software that provides you with statistical and analytical insights into your website.

What makes Clicky different from Google Analytics and other services is that it uses so-called Heatmaps of traffic to your website – d.h. Visualizations of data that you would otherwise have to read in numbers.

Heatmaps from Clicky, which show you where most user traffic is aggregated on your website.

Clicky also sets website trackers on your visitors’ browsers.

The UID (Unique ID tracking cookie) is used by Clicky to accurately distinguish individual users.

Types of data Clicky collects include referrers, user agent, browser language, screen resolution, mouse movement and behavior, IP addresses, and more.

To use Clicky as a website tracking tool for your domain in compliance with the EU’s GDPR and California’s CCPA, you’ll need to make sure you’ve activated the Explicit consent from users in the EU and the Notifying users in California Get.

Website tracking tools: Crazy Egg

Crazy Egg is another website tracking software that stands out for its "extra"-features, such as Heatmaps, which can be used in addition to basic measurements from Google Analytics and other website tracking tools.

Like Clicky, Crazy Egg’s heat maps visualize user traffic to your site, showing where users are clicking, lingering, scrolling, and more to give you a detailed picture of the attracting elements of your domain.

Crazy Egg’s website shows heatmaps to visualize user traffic on your domain.

Crazy Egg also records the entire user session from landing on your website until conversion or exit.

Like all other website tracking tools, Crazy Egg sets third-party cookies that allow for the Require explicit consent from users in the EU and notification of collection from users in California.

Crazy Egg sets cookies and website trackers, like z.B. the ce.s-Cookie, which tracks whether a visitor has visited the site before (and runs on the user’s browser for 5 years).

Deploy Cookiebot on your website to ensure that all cookies and website trackers are detected and controlled based on your end user’s consent status.

Try Cookiebot for free for 30 days – or forever if you have a small website.

Website tracking tools: Kissmetrics

Kissmetrics is a website tracking tool specifically designed to find out how your users convert on your domain, with a particular focus on reducing churn and increasing engagement through social media ad campaigns and email marketing.

Kissmetrics collects data about end users via third-party cookies and website trackers, such as z.B. browser information, IP addresses, referring website, time of visit, operating system information, mobile device information, and more.

Website tracking tools in compliance with the GDPR with Cookiebot and Google Consent Mode

Kissmetrics website tracking data to optimize ad campaign reach and domain performance.

Under both the EU’s GDPR and California’s CCPA, much of the above data is defined as personal data/information – and you will need explicit consent from users in the EU and ensure that you notify users in California and give them the opportunity to opt out before enabling Kissmetrics as a web tracking tool on your domain.

Try Cookiebot free for 30 days – or forever if you have a small website.

Cookiebot CMP for compliant online tracking

Still confused about how to bring your website’s user tracking into compliance with privacy laws?

All you need to do is sign up with Cookiebot to get started.

Cookiebot’s mission on the web is to help your website achieve a sustainable balance between compliance and website tracking – and Cookiebot has automated the entire compliance process for tracking your website.

  • A powerful scanner, that detects all cookies and website trackers in operation
  • An unmatched consent solution, Which automatically manages all consents of your end users and provides them with all necessary and required information about your website tracking practices.
  • Secure storage and Documentation all end-user consent.
  • Automatically renew end-user consents.
  • Fully comply with the DSGVO the EU, the Californian CCPA, of the Brazilian LGPD, the South African POPIA and other privacy laws.

Cookiebot fully and automatically integrates with Google Consent Mode, which not only allows you to achieve full privacy compliance, but also allows you to run all of Google’s website tracking tools without cookies if your users do not give their consent.

With Cookiebot and Google Consent Mode, you can track users without cookies and ensure you get key insights about your site’s performance, conversion rates, and ad reach in full compliance.

Try Cookiebot for free for 30 days – or forever if you have a small website.

How can I track users on my website?

Website tracking can be done through the use of cookies and similar website trackers that collect behavioral data about your end users to measure traffic and conversions. There are a variety of free and paid website tracking tools you can use, but be aware that you will most likely need to comply with the privacy laws in place in the user’s region for this to be legal.

Is website tracking legal?

Only if you comply with the relevant data protection laws in the region. If you have users from the EU, you will need to ask for and obtain their explicit consent before any tracking is permitted. The same goes for users from Brazil and South Africa. If you have users from California, you need to inform them about the collection of tracking data on your website and give them the opportunity to opt-out.

How does website tracking work?

Website tracking works by using cookies and similar tracking technologies that collect and process the actions of end users to present you with aggregate and targeted statistics about their movements, interests, behavior, and preferences. Third-party cookies can violate privacy and always require end-user consent to be used. Website tracking tools can help you gain insight into your website’s performance and reach.

How to make my web tracking compliant?

Cookiebot provides a plug-and-play compliance solution for your entire website, built around a powerful scanner that detects all cookies and trackers and controls them based on the consent status of your end users. By using Cookiebot in tight integration with Google Consent Mode, you get tracking without cookies and valuable analytics insights into your website when users do not consent to detailed tracking.

Like this post? Please share to your friends:
Leave a Reply

;-) :| :x :twisted: :smile: :shock: :sad: :roll: :razz: :oops: :o :mrgreen: :lol: :idea: :grin: :evil: :cry: :cool: :arrow: :???: :?: :!: