We have been active in the field of web analytics since 2017, and have always set a strong focus on data protection and comprehensibility. Since there have been some inquiries in the context of the GDPR and its appearance in the news, we would like to give a look behind our statistics.
So that you can continue using trendcounter compliant to the GDPR on your website, we have revised already existing functions and added further options for the secure handling of data and its protection.
- IP addresses are anonymized as early as possible, so that no inference is possible to the original address
- As far as further visitor data would allow a conclusion on the individual visitor, these are only shortened stored
- DNT (Do Not Track) settings are respected, so that no cookies are set for this visitor
- We provide every webmaster a privacy template for the use of trendcounter
- Each project has a linkable opt-out form
- trendcounter Analytics uses only secure "first party" cookies
- trendcounter Analytics can optionally be used completely without cookies
- trendcounter Feedback has a customizable data retention tool
- trendcounter Feedback can optionally be used completely without the collection of personal data
- Our services are fully transport encrypted (HTTPS / TLS)
- Collected data will not be merged or shared with other data
- We host our servers exclusively in the EU
The General Data Protection Regulation (GDPR) is an European Economic Area ("EEA") law on data protection and privacy for all individuals within the EEA. It also addresses the export of personal data outside the EEA. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EEA.
The GDPR extends the scope of EEA data protection law to all foreign companies processing data of EEA residents. It provides for a harmonization of the data protection regulations throughout the EEA, thereby making it easier for non-European companies to comply with these regulations.
In other words, the law protects every EEA citizen when they visit your web site, no matter where you or your business is located anywhere in the world. Hence our default privacy settings are strict and the only personal data logged by default is a randomly generated Unique ID (UID) stored in a cookie.
GDPR considers a UID to be "personal data", even though it does not identify who you are or reveal anything else about you. However, per Article 6 of the GDPR, use of this cookie does not require a visitor's direct consent because it is "necessary for the purposes of the legitimate interests" of a web site using the service (knowing how many unique visitors access a site is a vital statistic and hence a "legitimate interest").