Welcome to WebmasterWorld Guest from 34.204.173.36

Forum Moderators: martinibuster

Message Too Old, No Replies

GDPR compliance doubts about AdSense, Analytics and Nginx

     
3:43 pm on May 7, 2018 (gmt 0)

New User

joined:May 7, 2018
posts:4
votes: 0


I have a website in Brazil that uses AdSense and Analytics.

For it to get GDPR compliance, I wouldn't load these services if the user IP is from countries in EU, mask user IPs in Nginx and uninstall fail2ban.

Is it enough for GDPR? What else should I do?
5:12 pm on May 7, 2018 (gmt 0)

Preferred Member

Top Contributors Of The Month

joined:Mar 25, 2018
posts:500
votes: 101


Sounds good to me.

When the function becomes available, you might want to disable Adsense's interested based ads for EU visitors in the dashboard, like that, if your IP detection fails, you'll limit the risk of serving interested based ads to EU visitors.

Now beside Adsense and Analytics, what is your side doing? For example, if you sales something, the way you handle EU clients is subject to GDPR. If you have a message board/forum/comments system, it's also concerned by GDPR (and EU people).
5:20 pm on May 7, 2018 (gmt 0)

New User

joined:May 7, 2018
posts:4
votes: 0


When the function becomes available, you might want to disable Adsense's interested based ads for EU visitors in the dashboard, like that, if your IP detection fails, you'll limit the risk of serving interested based ads to EU visitors.


Good idea. In your opinion, do you think I should enforce the consent cookie to all users because some EU citizen could be accessing my website outside Europe? I am getting crazy about GDPR...

Now beside Adsense and Analytics, what is your side doing? For example, if you sales something, the way you handle EU clients is subject to GDPR. If you have a message board/forum/comments system, it's also concerned by GDPR (and EU people).


It is a currency conversion website. It is simple, but has lots of visitors. It doesn't store other user info. Although it has a email newsletter though Feedburner and a Telegram bot that sends the text of the newsletter. I think I'll disabled both of them and tell people to follow my Facebook page and Twitter. Sad, but the easy way. What do you think?
10:32 am on May 8, 2018 (gmt 0)

Preferred Member

Top Contributors Of The Month

joined:Mar 25, 2018
posts:500
votes: 101


In your opinion, do you think I should enforce the consent cookie to all users because some EU citizen could be accessing my website outside Europe? I am getting crazy about GDPR...

It depends what you exactly mean by "enforce", if you mean obtaining the explicit consent from everybody, then I would say "no".

Now, it can be a good and fair practice, to inform all your visitors, about your cookie use (and in your privacy policy). You can find a way to integrate this to your page layout so that it doesn't become too invasive (especially on mobile devices).

Although it has a email newsletter though Feedburner and a Telegram bot that sends the text of the newsletter. I think I'll disabled both of them and tell people to follow my Facebook page and Twitter. Sad, but the easy way. What do you think?

I have no idea about the newsletter subject. I don't have any, so I never studied the question. May be someone will come to help you.

About Facebook/Twitter/etc... be careful on how you link to your account, or, if you have Life/Tweet/etc... buttons.

IF you are using the javascript code that social networks are providing to embed their functionalities, this may NOT be GDPR-compliant. Because, through this code social network are tracking users, their user, and even people without account with them. So, this is like for Adsense's persnalized ads. I assume (but not evidence) that Facebook and Twitter are refining what their javascript code is doing, and how they are processing EU visitors tracking. But this something to watch after. Personally, I am not embedding code from social networks, but I still use static buttons, with static links for those who would like to interact with their account .
5:07 pm on May 8, 2018 (gmt 0)

New User

joined:May 7, 2018
posts:4
votes: 0


Travis, thank you very much for your opinion. It really helped me to understand everything better and relax a lot about it.
6:36 pm on May 8, 2018 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Jan 16, 2018
posts: 147
votes: 41


When the function becomes available, you might want to disable Adsense's interested based ads for EU visitors in the dashboard, like that, if your IP detection fails, you'll limit the risk of serving interested based ads to EU visitors.


Will that function definitely become available? So it'll show interested-based ads to non-EU visitors?
1:50 pm on May 9, 2018 (gmt 0)

New User

joined:May 7, 2018
posts:4
votes: 0


Google said this function will be available in a few days.
2:14 pm on May 9, 2018 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Jan 16, 2018
posts: 147
votes: 41


Google said this function will be available in a few days.


That would certainly help if that's the case as an option to consider.
5:15 pm on May 9, 2018 (gmt 0)

Preferred Member

Top Contributors Of The Month

joined:Mar 25, 2018
posts:500
votes: 101


The option is available.
9:26 pm on May 9, 2018 (gmt 0)

New User

joined:May 1, 2018
posts:21
votes: 1


For analytics, I just set:
ga('set', 'anonymizeIp', true);

IP addresses can be personalised data under the GDPR. My understanding is that you can't get people's IP addresses with or without setting that option, but without it set, Google employees could. So I've seen the recommendation to set this option to be safe.

I'm not aware of any other problems with analytics and GDPR though(?)
4:15 pm on May 10, 2018 (gmt 0)

Junior Member

Top Contributors Of The Month

joined:Aug 15, 2017
posts:108
votes: 29


@travis I am looking for the option to stop interest based ads for EU traffic on Adsense but not seeing anything. Where is this option located exactly?