If you want to understand how Google Analytics works, you’ll need to know what types of data they do and don’t allow. Some types of information, called “PII,” are not allowed to be sent to Google Analytics. If your website contains PII, this will be blocked. Otherwise, the tool will track your website’s performance and allow you to make improvements based on the information it collects. If you’re unsure whether Google Analytics is right for your website, read this article to learn more.
Information that could be used to identify an individual

By definition, personal data is any information that can identify an individual. This includes IP addresses and Google IDs, as well as full names and usernames. In addition to IP addresses, Google Analytics also collects information about a person’s precise location. These pieces of information are categorized as PII under GDPR. As such, they are not permitted to be shared with third-party companies, including advertisers.

This practice isn’t new. The European Center for Digital Rights, an Austrian organization, has filed 101 complaints with Google Analytics over this issue. They will give Google a chance to rectify the situation, but say that information that can identify an individual is illegal. While this may be the case for most organizations, it’s illegal for Google to transfer data to third-party companies that do not adhere to GDPR.

While these privacy laws are complicated, they are not impossible to adhere to. Thankfully, Google is addressing this issue head-on. They’ve added stipulations related to data privacy to their terms of service. Among the privacy policies of Google Analytics is a prohibition on collecting PII, such as names, email addresses, physical addresses, and billing information. However, this doesn’t mean that organizations should ignore their own privacy policies.
Information that is considered PII

If you want to use Google Analytics on your website, you need to ensure that the data you upload is free of PII. While PII may not include personal information, such as email addresses, it can still contain device identifiers. If you have included PII on your website, you may risk having your account terminated by Google. For more information, see the Google Analytics Upload data use policy. Location data should not include GPS, which is considered PII.

Google has addressed this issue head-on, adding privacy stipulations to its terms of service. It has also prohibited collecting information containing “personally identifiable information” (PII). This includes full names, email addresses, telephone numbers, and physical addresses. Although pseudonymous user identifiers are not considered PII, you must review your own privacy policies to determine if they do not violate the terms of service.

If you do have PII on your site, you must not collect that data. This is against Google’s strict guidelines and may violate EU and federal laws. Further, this is ethical. In addition, PII in analytics can also be obtained by data collection flaws. So, how can you make sure that you do not collect any PII on your website? The best way is to use a tool that protects your users.
Information that is prohibited from being sent to Google Analytics

Unless you have consent from your visitors, you must post a privacy policy on your website. This policy should clearly state whether and when Google Analytics is used. You should never collect or use sensitive information without the explicit permission of your visitors. If you are unsure of what this means, check the terms and conditions of Google Analytics to learn more. You may find out that you can use Google Analytics to help you improve your site.

GDPR regulations require that data processing companies comply with EU privacy laws. Under the GDPR, data transfer is only permitted if the other country has privacy laws that are deemed equivalent. However, the US is a different story. While GDPR protects the data of EU citizens, US privacy laws are far less strict. In some cases, sharing your data with the US government violates the law and puts your privacy at risk.