Post by rifaislam on Oct 30, 2024 4:01:21 GMT -5
Several years ago now we advised you to use Google Analytics . It was a simple tool to use and for which we are certified. So, we have our habits. It is a tool that allows you to correctly monitor visitor traffic , but also to set up correct AB tests to improve the different sites. Over the years, it is a tool that is totally adapted to different needs . But then why do without it if we were satisfied? GDPR shakes up everything To develop an online activity , data collection is essential. And this is where the difficulties begin. Indeed, Google data is collected in France, in Europe and is sent to the United States.
Thus, in February 2022, the CNIL formally notified a site manager social media marketing service for its use of this data collection tool. Indeed, the transfer of user data is not transparent enough for the commission. Two important points of the General Data Protection Regulation were recalled . Google Analytics transfers data outside the Union Article 46.1 of the Regulation provides that “ In the absence of a decision pursuant to Article 45(3), the controller or processor may transfer personal data to a third country or an international organisation only if it has provided appropriate safeguards and provided that the data subjects have enforceable rights and effective legal remedies.
Furthermore, Article 46.2 of the Regulation provides that the " appropriate safeguards referred to in paragraph 1 may be provided, without requiring specific authorisation from a supervisory authority, by standard data protection clauses adopted by the Commission in accordance with the examination procedure referred to in Article 93(2); ". Let’s develop your data tracking! Absence of enforceable law The Commission then noted that the surveillance measures in question did not meet the minimum requirements. It did not, therefore, consider that these various programs were limited to what was strictly necessary. On the other hand, the Commission noted that the legal framework did not allow the persons concerned rights that could be enforced against the American authorities before the courts.
Thus, these persons did not have a right to an effective remedy, which goes against the general provisions of the CNIL and the law ofJanuary 6, 1978relating to information technology, files and freedoms amended on 6 August 2004. In fact, it provides for an enforceable right, which places, de facto, the transfer of data is therefore unjustifiable. Formal notice by the CNIL is then inevitable. Now what to do without Google Analytics? Okay. The application of the GDPR shows that the use of Google Analytics is biased in Europe (yes, the French CNIL is not the only one to have issued a formal notice concerning sites using Google's solution, the Netherlands and Ireland have carried out similar procedures).
Thus, in February 2022, the CNIL formally notified a site manager social media marketing service for its use of this data collection tool. Indeed, the transfer of user data is not transparent enough for the commission. Two important points of the General Data Protection Regulation were recalled . Google Analytics transfers data outside the Union Article 46.1 of the Regulation provides that “ In the absence of a decision pursuant to Article 45(3), the controller or processor may transfer personal data to a third country or an international organisation only if it has provided appropriate safeguards and provided that the data subjects have enforceable rights and effective legal remedies.
Furthermore, Article 46.2 of the Regulation provides that the " appropriate safeguards referred to in paragraph 1 may be provided, without requiring specific authorisation from a supervisory authority, by standard data protection clauses adopted by the Commission in accordance with the examination procedure referred to in Article 93(2); ". Let’s develop your data tracking! Absence of enforceable law The Commission then noted that the surveillance measures in question did not meet the minimum requirements. It did not, therefore, consider that these various programs were limited to what was strictly necessary. On the other hand, the Commission noted that the legal framework did not allow the persons concerned rights that could be enforced against the American authorities before the courts.
Thus, these persons did not have a right to an effective remedy, which goes against the general provisions of the CNIL and the law ofJanuary 6, 1978relating to information technology, files and freedoms amended on 6 August 2004. In fact, it provides for an enforceable right, which places, de facto, the transfer of data is therefore unjustifiable. Formal notice by the CNIL is then inevitable. Now what to do without Google Analytics? Okay. The application of the GDPR shows that the use of Google Analytics is biased in Europe (yes, the French CNIL is not the only one to have issued a formal notice concerning sites using Google's solution, the Netherlands and Ireland have carried out similar procedures).