GDPR and Google Analytics: Why You Need to Update Your GA Settings
Over the past couple of weeks, you may have received an email from Google with the subject line: Important updates about the General Data Protection Regulation (GDPR). The email looked something like this, and may have seemed confusing. Why is Google emailing me about EU policy changes if our organization is not located there?
Digital platforms like Google and Facebook are making policy and product changes to comply with the European Union’s new General Data Protection Regulation, which regulates the collection, storage and processing of personal data of data subjects in the EU. Even if your organization does not operate or serve individuals in the EU, you may still be impacted by the changes that global businesses have to make to comply with GDPR, which is why you received this email.
“If you use Google Analytics (Standard or 360): Please review the data retention controls that allow you to manage how long your user and event data is held on our servers. Starting May 25, we will process data deletions based on your settings.”
This refers to a new feature from Google Analytics, Data Retention, which “gives you the ability to set the amount of time before user-level and event-level data stored by Google Analytics is automatically deleted from Analytics’ servers.”
Google has set the default expiration period to 26 months. This change goes into effect on May 25, 2018, which means that if you make no updates to your existing Google Analytics settings, you will lose access to some of your historical Google Analytics data.* This is not as scary as it sounds, but if you want some time to think things over before making permanent changes to your account, you may want to adjust the default data retention period.
Google provides several options if you choose to update your data retention period:
Do not automatically expire
If you select a data retention period other than “Do not automatically expire,” you’ll also want to determine whether you want these settings to “Reset on new activity.” Switch this to “On” if you want the retention period to renew each time a visitor returns.
You can change your selection, even after May 25th. According to Google, “Once you select a deletion period other than “Do not automatically expire,” any affected data is deleted during the next monthly process. Additionally, whenever you modify the retention period, Analytics waits 24 hours before implementing the change. During this 24-hour period, you can revert your change and your data will be unaffected.”
The video below shows you where you need to go in Google Analytics to update your Data Retention settings. Keep in mind, you need to do this for every active Google Analytics property that you manage. The video also shows how to navigate between properties.
There will be a lot of communication about changes related to GDPR in the coming weeks, and here at Capacity Interactive we are actively working to address these changes for our clients, and the arts industry at large. If you’re looking for some resources to help you through the GDPR process, check out this blog post.
*If you choose to have your data automatically expire after a set time period, you will still have access to some historical information, specifically standard aggregated Google Analytics reporting (i.e., the main reports you look at on a regular basis like sessions, bounce rate, etc). You would not, however, be able to access certain advanced features like applying segments or creating custom reports, which are important features for analysis.