On May 25th, 2018, the new General Data Protection Regulation (GDPR) laws will go into effect. GDPR is designed to protect the personal data of citizens of the EU as a part of their “consumer first” approach to data protection. The EU’s rollout of GDPR is the first data protection measure of this scale and includes never-before-seen fines for non-compliance.
If you are using Google Analytics as your data processor, then it is important that you update your settings to be in compliance. Here is what you need to know about GDPR, compliance, and what steps you need to take.
First things first, you may be wondering why GDPR applies to you if you aren’t operating in the EU. Well, it may not be mandated in your area of operation, but GDPR will have an effect on all business in some way. GDPR protects citizens of the EU no matter where their data travels on the internet, including outside of the EU. According to Martech Today,
“this means that any company, anywhere, that has a database that includes EU citizens is bound by its rules. Businesses of all sizes are affected — from micro to multinational. No one is exempt.”
You can either set up filters in analytics to block all traffic from the EU, or you can make sure your settings are compliant with the new laws.
In order to be GDPR compliant, Google Analytics has made some changes to the settings that will be rolling out with GDPR on May 25th. Not all of these changes will have an effect on the average business outside of the EU, but it’s important to know what they are, and what they do.
Google’s Major GDPR Updates
Data Retention Controls
Google’s email to their users contained two major updates. The biggest of the changes is the addition of data retention controls. This gives us, as admins, control over how long data is stored on servers, and when it gets deleted. The default setting has data being cut off at 26 months, but in the data retention settings, you can raise or lower that number, or set it to never expire. Google Support has a lot of information about their new data retention setting if you’re interested in doing further reading.
User Deletion Tool
The second update to the settings will be the introduction of a user deletion tool. This tool will allow managers to control the deletion of all data associated with a user (site visitor). More information on this tool will be released by Google in the coming weeks.
GDPR For American Business Owners
How does GDPR affect you, an American business owner? In all honesty, we don’t yet know what kind of effect this will have on American businesses. If you are a multinational corporation with direct efforts or offices in the EU, then your EU personnel may be held responsible for non-compliance. But if you are an American-based company that works strictly in the US, you shouldn’t have anything to worry about as of now.
By now you may have noticed that a number of other services you use have updated their terms and conditions. Whether it’s a social media platform like Facebook or Twitter, an email vendor like Mailchimp, or another service, you have probably received an email from them. Don’t freak out, just read the emails, but as we mentioned, most things won’t apply to you or your business. If you are using Smarter Searches to manage your analytics or other marketing services, rest assured, we are updating your analytics to prevent deletion of your data, and making sure that you are in compliance with GDPR. We will keep our blog updated as we learn more about the effect on US companies after the May 25th rollout, so check back soon to see our update and to check out any and all cool industry updates on our blog.