The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in European law on data protection and privacy for all individuals within the European Union. It also addresses the export of personal data outside the EU.
Be aware that most of GDPR’s rules are good practice in any event. Adhering to them shows to your customers that you take data security seriously, and it puts you in a good position should state or federal government ever decide to enact similar legislation at home. The GDPR is a good wake-up call to businesses that have long neglected protecting their customers’ data. Yes, CyberSecurity is important!
Google Analytics: Your Data Processor
Under the GDPR, if you use Google Analytics, then Google is your Data Processor. Your organization is the Data Controller since you control which data is sent to Google Analytics.
With Google as your Data Processor, they have obligations to conform to the EU GDPR. According to Google’s own Privacy Compliance website, they are “working hard to prepare for the EU’s General Data Protection Regulation.” You can see more details on this site and it is almost certain that Google Analytics will be fully compliant by May 25, 2018.
Google’s Commitment to GDPR
Google is working hard to prepare for the EU’s General Data Protection Regulation (GDPR). Keeping users’ information safe and secure is among their highest priorities at Google. Over the years, they have spent a lot of time working closely with Data Protection Authorities in Europe, and we have already implemented strong privacy protections that reflect their guidance. Google is committed to complying with the new legislation and will collaborate with partners throughout this process.