Recherche avancée

Sur d’autres sites (3939)

• A Guide to GDPR Sensitive Personal Data

  13 mai 2024, par Erin

  The General Data Protection Regulation (GDPR) is one of the world’s most stringent data protection laws. It provides a legal framework for collection and processing of the personal data of EU individuals.

  The GDPR distinguishes between “special categories of personal data” (also referred to as “sensitive”) and other personal data and imposes stricter requirements on collection and processing of sensitive data. Understanding these differences will help your company comply with the requirements and avoid heavy penalties.

  In this article, we’ll explain what personal data is considered “sensitive” according to the GDPR. We’ll also examine how a web analytics solution like Matomo can help you maintain compliance.

  What is sensitive personal data ?

  The following categories of data are treated as sensitive :

  1. 1. Personal data revealing :
        • Racial or ethnic origin ;
        • Political opinions ;
        • Religious or philosophical beliefs ;
        • Trade union membership ;
     2. Genetic and biometric data ;
     3. Data concerning a person’s :
        • Health ; or
        • Sex life or sexual orientation.

  

  Sensitive vs. non-sensitive personal data : What’s the difference ?

  While both categories include information about an individual, sensitive data is seen as more private, or requiring a greater protection. 

  Sensitive data often carries a higher degree of risk and harm to the data subject, if the data is exposed. For example, a data breach exposing health records could lead to discrimination for the individuals involved. An insurance company could use the information to increase premiums or deny coverage. 

  In contrast, personal data like name or gender is considered less sensitive because it doesn’t carry the same degree of harm as sensitive data. 

  Unauthorised access to someone’s name alone is less likely to harm them or infringe on their fundamental rights and freedoms than an unauthorised access to their health records or biometric data. Note that financial information (e.g. credit card details) does not fall into the special categories of data.

  

  Legality of processing

  Under the GDPR, both sensitive and nonsensitive personal data are protected. However, the rules and conditions for processing sensitive data are more stringent.

  Article 6 deals with processing of non-sensitive data and it states that processing is lawful if one of the six lawful bases for processing applies. 

  In contrast, Art. 9 of the GDPR states that processing of sensitive data is prohibited as a rule, but provides ten exceptions. 

  It is important to note that the lawful bases in Art. 6 are not the same as exceptions in Art. 9. For example, while performance of a contract or legitimate interest of the controller are a lawful basis for processing non-sensitive personal data, they are not included as an exception in Art. 9. What follows is that controllers are not permitted to process sensitive data on the basis of contract or legitimate interest. 

  The exceptions where processing of sensitive personal data is permitted (subject to additional requirements) are : 

  • Explicit consent : The individual has given explicit consent to processing their sensitive personal data for specified purpose(s), except where an EU member state prohibits such consent. See below for more information about explicit consent. 
  • Employment, social security or social protection : Processing sensitive data is necessary to perform tasks under employment, social security or social protection law.
  • Vital interests : Processing sensitive data is necessary to protect the interests of a data subject or if the individual is physically or legally incapable of consenting. 
  • Non-for-profit bodies : Foundations, associations or nonprofits with a political, philosophical, religious or trade union aim may process the sensitive data of their members or those they are in regular contact with, in connection with their purposes (and no disclosure of the data is permitted outside the organisation, without the data subject’s consent).
  • Made public : In some cases, it may be permissible to process the sensitive data of a data subject if the individual has already made it public and accessible. 
  • Legal claims : Processing sensitive data is necessary to establish, exercise or defend legal claims, including legal or in court proceedings.
  • Public interest : Processing is necessary for reasons of substantial public interest, like preventing unlawful acts or protecting the public.
  • Health or social care : Processing special category data is necessary for : preventative or occupational medicine, providing health and social care, medical diagnosis or managing healthcare systems.
  • Public health : It is permissible to process sensitive data for public health reasons, like protecting against cross-border threats to health or ensuring the safety of medicinal products or medical devices. 
  • Archiving, research and statistics : You may process sensitive data if it’s done for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

  In addition, you must adhere to all data handling requirements set by the GDPR.

  Important : Note that for any data sent that you are processing, you always need to identify a lawful basis under Art. 6. In addition, if the data sent contains sensitive data, you must comply with Art. 9.

  Explicit consent

  While consent is a valid lawful basis for processing non-sensitive personal data, controllers are permitted to process sensitive data only with an “explicit consent” of the data subject.

  The GDPR does not define “explicit” consent, but it is accepted that it must meet all Art. 7 conditions for consent, at a higher threshold. To be “explicit” a consent requires a clear statement (oral or written) of the data subject. Consent inferred from the data subject’s actions does not meet the threshold. 

  The controller must retain records of the explicit consent and provide appropriate consent withdrawal method to allow the data subject to exercise their rights.

  Examples of compliant and non-compliant sensitive data processing

  Here are examples of when you can and can’t process sensitive data :

  • When you can process sensitive data : A doctor logs sensitive data about a patient, including their name, symptoms and medicine prescribed. The hospital can process this data to provide appropriate medical care to their patients. An IoT device and software manufacturer processes their customers’ health data based on explicit consent of each customer. 
  • When you can’t process sensitive data : One example is when you don’t have explicit consent from a data subject. Another is when there’s no lawful basis for processing it or you are collecting personal data you simply do not need. For example, you don’t need your customer’s ethnic origin to fulfil an online order.

  Other implications of processing sensitive data

  If you process sensitive data, especially on a large scale, GDPR imposes additional requirements, such as having Data Privacy Impact Assessments, appointing Data Protection Officers and EU Representatives, if you are a controller based outside the EU.

  Penalties for GDPR non-compliance

  Mishandling sensitive data (or processing it when you’re not allowed to) can result in huge penalties. There are two tiers of GDPR fines :

  • €10 million or 2% of a company’s annual revenue for less severe infringements
  • €20 million or 4% of a company’s annual revenue for more severe infringements

  In the first half of 2023 alone, fines imposed in the EU due to GDPR violations exceeded €1.6 billion, up from €73 million in 2019.

  Examples of high-profile violations in the last few years include :

  • Amazon : The Luxembourg National Commission fined the retail giant with a massive $887 million fine in 2021 for not processing personal data per the GDPR. 
  • Google : The National Data Protection Commission (CNIL) fined Google €50 million for not getting proper consent to display personalised ads.
  • H&M : The Hamburg Commissioner for Data Protection and Freedom of Information hit the multinational clothing company with a €35.3 million fine in 2020 for unlawfully gathering and storing employees’ data in its service centre.

  One of the criteria that affects the severity of a fine is “data category” — the type of personal data being processed. Companies need to take extra precautions with sensitive data, or they risk receiving more severe penalties.

  What’s more, GDPR violations can negatively affect your brand’s reputation and cause you to lose business opportunities from consumers concerned about your data practices. 76% of consumers indicated they wouldn’t buy from companies they don’t trust with their personal data.

  Organisations should lay out their data practices in simple terms and make this information easily accessible so customers know how their data is being handled.

  Get started with GDPR-compliant web analytics

  The GDPR offers a framework for securing and protecting personal data. But it also distinguishes between sensitive and non-sensitive data. Understanding these differences and applying the lawful basis for processing this data type will help ensure compliance.

  Looking for a GDPR-compliant web analytics solution ?

  At Matomo, we take data privacy seriously. 

  Our platform ensures 100% data ownership, putting you in complete control of your data. Unlike other web analytics solutions, your data remains solely yours and isn’t sold or auctioned off to advertisers. 

  Additionally, with Matomo, you can be confident in the accuracy of the insights you receive, as we provide reliable, unsampled data.

  Matomo also fully complies with GDPR and other data privacy laws like CCPA, LGPD and more.

  Start your 21-day free trial today ; no credit card required. 

  Disclaimer

  We are not lawyers and don’t claim to be. The information provided here is to help give an introduction to GDPR. We encourage every business and website to take data privacy seriously and discuss these issues with your lawyer if you have any concerns.

  Try Matomo for Free

  21 day free trial. No credit card required.

  
  

  Your email address
  

  Your website address
  

  Your Analytics subdomain will be .matomo.cloud (change)

  Choose your analytics subdomain
  

  .matomo.cloud

  I accept the terms and conditions and data processing agreement (DPA)

  
  Your information will be used to create an account on our cloud service. For more information please consult our privacy policy.
  
  
  

  Start improving your websites now

  

• 9 Form Optimisation Tips to Convert More Visitors

  15 février 2024, par Erin

  Forms might seem boring — that is, until you realise how powerful they are.

  No forms mean no leads.

  No leads mean no sales.

  No sales means you’ll run out of business.

  So, what do you do ?

  Optimise forms to land more leads.

  They’re a critical part of the sales funnel.

  Forms have many different purposes and can be used to :

  • Contact a company
  • Sign up for a newsletter
  • Request a demo
  • Start a free trial
  • And more

  If you want to get more leads (and ultimately more sales), then you need to optimise your forms.

  This guide will show you exactly how to do that (so you can start getting more conversions today). 

  What is form optimisation ?

  Before we dive into form optimisation, let’s back up a bit.

  Form conversion is our primary focus.

  Your form conversion rate is the percentage of visitors who submit a form divided by the total number of visitors who started the form times one hundred.

  For example, if 5,000 people started filling out your form this month and 350 submitted the form, the conversion rate would be : 

  350 / 5,000 x 100 = 7%

  So, what’s form optimisation ?

  

  It’s simply improving your forms to increase conversion rates.

  For most people, form conversion is all about increasing leads.

  Before you begin optimising your forms, it’s important you understand what’s good (and what’s not good) when it comes to form conversions.

  The average form conversion rate across all industries is 2.9%.

  This means you should expect about 3 out of every 100 visitors who start your form to submit it.

  If your form conversion is lower — or hovering around this number — then it’s important to start optimising now.

  With Matomo, you can track your form conversions with Matomo Form Analytics. Gain powerful insights into how your visitors interact with your forms with our intuitive dashboard.

  Why it’s important to optimise your forms

  Most people hear the word “forms” and think it’s boring.

  But forms are the doorway to leads.

  If you want to generate more sales, then you need to generate great forms.

  Here are five reasons you need to optimise your forms today :

  

  1. Improve conversions

  Form optimisation is really just conversion optimisation.

  But, instead of optimising and improving your site to directly improve sales conversions, you’re increasing lead conversions.

  Every smart website owner uses forms to draw people in further.

  The reality is that most of your website visitors will never return to your site.

  This means you need to do everything you can to grab their contact information so you can continue marketing to them day in and day out.

  Otherwise, you’ll lose them forever.

  When you know how to optimise your forms, you’ll be able to get a higher percentage of form viewers to fill it out.

  Higher conversions mean you get more leads, more customers, and ultimately more revenue.

  2. Capture more leads

  When you can increase your form conversion rate from 1% to 2%, it may seem insignificant.

  What’s a measly percentage point in conversions ?

  It’s a lot.

  When you’re dealing with traffic in the tens or hundreds of thousands each month, an increase in conversion rate by a whole percentile is massive.

  Let’s say you take your conversion rate from 2% to 3% on your form, and you have 70,000 visitors view the form each month.

  Well, if 1,400 people used to sign up to your email list each month at a 2% conversion rate, then at a 3% conversion rate, you’d get 2,100 new email signups every month.

  That’s a major difference.

  When you can improve your signup forms, you improve your lead generation (which is conversion rate optimisation). And the more leads you have, the more sales you’ll make in the long run.

  3. Get the most out of your traffic

  If your forms don’t perform well, then you’re wasting your time (and your traffic).

  By analysing your form data, you can quickly see what’s working and what’s not so you can optimise and improve the user experience (and your forms).

  For most people, this means getting more form viewers to fill out the form with their email and name.

  If 50,000 people visit your site each month, but only 1% of them fill out your form, you’re only getting 500 email signups per month.

  Rather than paying money to generate more traffic, why not just work on improving your website by implementing a better form ?

  If you can increase your form conversion rate to 2%, you will immediately go from 500 new subscribers per month to 1,000 per month.

  4. Spend less on acquisition

  If you’re able to get more form signups without having to generate more traffic, you just solved a pricey problem : acquisition costs.

  If you can now get 1,000 of your 50,000 visitors to sign up to your email list through a better form, then you doubled your signups.

  But that’s not all. You just cut your acquisition costs in half.

  If you spend $2,000 per month on acquisition but you’re able to get twice as many leads, then your acquisition costs are at 50% of what they used to be.

  This means you can pay the same amount but get twice as many leads.

  Or, you can pour even more money into acquisition since it’s now twice as effective so you can fuel growth even more.

  5. Grow revenue

  Forms generate revenue. It may not be direct (although, in some cases, it is). 

  But, forms will lead to sales.

  By placing optimised forms throughout your website at the right places, you will be able to capture a percentage of your visitors as leads, which means you’ll eventually make more sales.

  13 tips to optimise your forms for more conversions

  Now that you know what forms can do and why they’re important to grow your business, it’s time to dive into the best practices.

  Follow these 13 tips to ensure you’re getting the most out of your forms :

  

  1. Set form goals

  Your forms are hopeless without a goal.

  Before you set up a form on your website, ask yourself, “What am I trying to accomplish with this form ?”

  It could be :

  • Encouraging customers to reach out through a contact form
  • To get visitors to leave feedback on your product/service
  • Convert visitors into leads by giving you their email

  No matter what your goal is, make sure you’re clear on it ; otherwise, you won’t be as targeted and specific with your forms.

  Matomo Goals helps you set specific objectives for your marketing campaigns so you’re able to easily track conversions. Whether you’re looking to capture feedback or generate leads, you can leverage Matomo to see what’s working and what’s not in seconds.

  2. Remove or improve fields with high average time spent and high drop-off rates

  Delving into your Form Analytics provides invaluable insights into individual field performance. A crucial metric to focus on is the Average Time Spent. 

  If a field stands out with a significantly higher average time spent and experiences a high drop-off rate compared to others in the form, it’s a clear indicator that it’s causing frustration or confusion for your visitors.

  To address this, consider improving the field by converting it into a dropdown menu for easier completion or providing helpful text prompts. Alternatively, if the field isn’t essential, you might opt to remove it altogether.

  When you cut down on time spent and drop-offs, you’ll see your conversion rates go up.

  

  Here’s a standout example from Matomo’s Form Analytics feature : the “Overview of your needs” field is taking on average 1 minute and 37 seconds to complete. 

  To streamline this, we might want to consider a simple fix like converting it into a dropdown menu. This change would offer visitors a clearer and quicker way to select from options.

  

  Likewise, we observe that the “Overview of your needs” field experiences the highest drop-off rate, totaling 1,732 drop-offs. 

  With Form Analytics, it becomes clear what is needed to optimise forms and increase conversions.

  Try Matomo for Free

  Get the web insights you need, without compromising data accuracy.

  Start for free

  No credit card required

  3. Start with the CTA

  When crafting and optimising your forms, you need to start with the end in mind. That’s why you need to start with your business goals.

  What are you trying to do with this form ? If you want to capture more emails, then make sure that’s very clear with the call to action (CTA).

  Start building your form by beginning with the CTA.

  For example : “Sign Up Now.”

  Once you have the action you want your potential customers to take, place it on the form. Then, you can work towards crafting the rest of the form.

  4. Put it above the fold

  If your visitors can’t find your form, they won’t fill it out. It’s plain and simple.

  You need to make sure your form is visible above the fold. This is the part of the screen that’s visible to your visitors once they land on your site (without needing to scroll down).

  Always remember to test this out on both desktop and mobile to ensure anyone (using laptops or a mobile device) will see your form upon landing on your site or page.

  Don’t forget about your mobile users. More people view mobile forms than desktop forms. 

  5. Put a CTA in the headline

  Your form needs to be clear.

  You have 1-3 seconds to communicate with your site visitors what your form is all about.

  For example, if you’re trying to get email signups with a lead magnet, then tell them the benefit quickly and concisely with a CTA in the headline, like this one :

  “Subscribe to Save 10% On Your Next Order”

  This is a great example of a headline-CTA combo that tells the visitor what to do and what they get out of it.

  Matomo’s behaviour analytics features like Session Recordings let you see where visitors are clicking and spending time. For example, if people are reading the headline, but not scrolling down to read the form, it’s probably a sign you need to test a different headline.

  6. Ensure you have the right fields

  Your form fields matter.

  What information are you trying to capture from your audience ?

  One beginner mistake people make is requiring too much information and including many fields in a form.

  You want to get as much data on your audience as possible, right ? Wrong.

  If you ask for too much information, people won’t fill it out, and it will harm the user experience. You need to make it super easy.

  If you want more emails to grow your list, then stick with someone’s email (and possibly their name as well). One line for a name. One line for an email address. Keep it simple.

  If you’re after SMS as well, don’t include it on the form. Instead, create a two-step form that pops up an SMS form after someone fills out the email form.

  Multi-step forms enable you to capture those emails easily (and still get a percentage to fill out the second form) without making it seem like too much work for your audience.

  Another path is to include optional fields (that users don’t have to fill out to click submit).

  Just keep in mind that shorter forms perform better than longer ones.

  If you make them too long, it feels like work for the user and will lead to lower completion rates.

  7. Always capture email address

  If you’re unsure of what information to capture (i.e. name, number, email, occupation, age, etc.), always stick to email.

  Email is used by over 4 billion people every single day, and it’s not going away anytime soon.

  When determining which fields to include, start with email.

  

  8. Test different buttons and copy

  You need to track your form performance if you want to get the best conversions.

  One of the best form elements to start testing is your button copy.

  In most cases, form completion buttons will have the word “submit” on them.

  But you don’t have to stick with this word.

  You can (and should) experiment with different submit button copy.

  Here are a few examples of replacement words for your action button :

  • Complete
  • Sign Up
  • Join now
  • Get started

  Remember to experiment with your action button. Try a different copy. Just keep it short.

  You can also try A/B testing your form by experimenting with different colours, copy, and more.

  

  In the example above from Matomo’s A/B testing feature, we found that changing the wording of our call to action made a big difference. The new “Apply Now” button performed much better, with a 3.6% conversion rate compared to just 1.7% for the original one.

  Try Matomo for Free

  Get the web insights you need, without compromising data accuracy.

  Start for free

  No credit card required

  9. Test static vs. popup

  There are various types of online forms.

  The most common is the static form that just sits in one place and is always there.

  Another popular form type is the popup.

  This is where a form will appear based on a certain trigger like :

  • A certain amount of time on page
  • A certain distance scrolling down the page
  • If someone is a new or returning visitor

  Depending on the form software you use, you may be able to add conditional logic.

  Start tracking your form conversions

  Form optimisation is all about conversion rate optimisation.

  If you want to increase your conversions and generate more revenue, then you need to test out different forms and know how to optimise them.

  With Matomo, you can easily track, manage, and A/B test your forms so you can improve your conversions. 

  Try Matomo free for 21 days. No credit card required.

  Try Matomo for Free

  21 day free trial. No credit card required.

  
  

  Your email address
  

  Your website address
  

  Your Analytics subdomain will be .matomo.cloud (change)

  Choose your analytics subdomain
  

  .matomo.cloud

  I accept the terms and conditions and data processing agreement (DPA)

  
  Your information will be used to create an account on our cloud service. For more information please consult our privacy policy.
  
  
  

  Start improving your websites now

  

• The Guide to an Ethical Web : With Big Data Comes Big Responsibility

  13 mars, par Alex Carmona

  Roughly two-thirds of Earth’s 8 billion people use the internet for communication, education, entertainment, business and more. We are connected globally in ways previous generations could’ve never dreamed of. It’s been a wild ride, and we’re just starting.

  Many users have learned that experiences online can be a mix of good and bad. Sometimes, the bad can feel like it outweighs the good, particularly when large tech companies use our data shadily, cut corners on accessibility or act in any other way that devalues the human being behind the screen.

  As fellow internet citizens, what responsibility do we have to create a more ethical web for our customers ?

  In this article, we’ll look at ethical principles online and how to act (and not act) to build trust, reach customers regardless of ability, safeguard privacy and stay compliant while improving business outcomes.

  

  What is an “ethical web” ?

  When we talk about the ethical web, we’re talking about the use of the internet in an ethical way. Among other values, it involves transparency, consent and restraint. It applies the Golden Rule to the internet : Treat others (and their data and user experience) how you’d want yourself (and yours) to be treated. 

  With limited oversight, the internet has evolved in ways that often prioritise profit over user rights. While selling data or pushing cookies might seem logical in this context, they can undermine trust and reputation. And the tide is slowly but surely shifting as consumers and legislators push back.

  Consumers no longer want to buy from companies that will use their data in ways they don’t agree to. In 2022, 75% of UK and US consumers surveyed said they were uncomfortable purchasing from businesses with weak data ethics.

  Legislators worldwide have been taking part in this effort for nearly a decade, with laws like GDPR in the EU and LGPD in Brazil, as well as the various state laws in the US, like California’s CCPA and Virginia’s VCDPA. 

  Even tech giants are no longer above the law, like Meta, which was fined over a billion Euros for GDPR violations in 2023.

  

  These changes may make the internet feel less business-friendly at first glance, but ethical choices ultimately build a stronger digital ecosystem for both companies and consumers. 

  Likewise, all internet users alike can make this happen by shunning short-term profit and convenience for healthier, long-term choices and behaviour.

  As we dig into what it takes to build an ethical web, remember that no company or individual is free from mistakes in these areas nor is it an overnight fix. Progress is made one click at a time.

  Ethical SEO : Optimising your content and your ethics

  Content creation and search engine optimisation (SEO) require so much work that it’s hard to fault creators for not always abiding by search engine guidelines and seeking shortcuts – especially when there’s a sea of LinkedIn posts about how copying/pasting ChatGPT responses helped someone rank #1 for several keywords in one week.

  However, users turn to Google and other search engines for something of substance that will guide or entertain them.

  Content meets customer needs and is more likely to lead to sales when it’s well-written, original and optimised just enough to make it easier to find on the first page of results. This doesn’t happen when content teams dilute quality and waste a reader or viewer’s time on posts that will only yield a higher bounce rate.

  Some SEO pros do find success by building backlinks through private blog networks or crafting a million unedited posts with generative AI, but it’s short-lived. Google and other search engines always catch up, and their content plummets or gets penalised and delisted with every new update.

  Content teams can still rank at the top while sticking to ethical SEO principles. Here’s a sample list of dos and don’ts to get started :

  • Do put content quality above all else. Make content that serves the audience, not just a brand or partner ad network.
  • Do apply the E-E-A-T framework. Search engines value content written by authors who bring expertise, experience, authority and trust (E-E-A-T).
  • Don’t keyword stuff. This might have worked in the early days of SEO, but it hurts readability and now harms article performance.
  • Do use alt text as intended. While it can still help SEO, alt text should prioritise accessibility for users with screen readers.

  • Don’t steal content. Whether it’s violating copyright, copying/pasting other people’s content or simply paraphrasing without citation, companies should never steal content.
  • Don’t steal ideas. It’s okay to join in on a current conversation or trends in an industry, but content creators should be sure they have something valuable to add.
  • Do use AI tools as partners, not creators. AI can be an incredible aid in crafting content, but it should never be posted without a human’s touch.

  When we follow ethical SEO guidelines and get more clients with our content, how do we best handle their data ?

  Ethical data governance : Important principles and how to avoid data misuse

  Data governance comprises every aspect of how a company manages data, including storage, security, privacy, lifecycle management, setting policies and maintaining compliance with laws like GDPR and HIPAA.

  Applying data ethics to governance is doing it all in a transparent, restrained way that acknowledges an individual’s right to ownership over their data. 

  For organisations, this translates to getting consent to collect data and clearly spelling out how it will be stored and used — and sticking to it.

  If a user’s birth date is needed for legal reasons, it cannot be sold to a third party or later used for something else without explicit permission. Reusing data in ways that stray from its original purpose is a form of commingling, one of the data misuses that is easy for even well-intentioned teams to do accidentally.

  Ethical data governance also includes the vigilant safeguarding of users’ data and minimising potential privacy issues.

  Failing to implement and adhere to strong security measures leads to situations like the National Public Data (NPD) breach, where cyber criminals expose the addresses, phone numbers and social security numbers of hundreds of millions of people. This was due in large part to a weakness in storing login credentials and a lack of password policy enforcement.

  No one at NPD wanted this to happen, but security likely took a backseat to other business concerns, leading to the company’s filing for bankruptcy.

  More importantly, as a data broker that aggregates information from other sources, the people affected likely had no clue this organisation had been buying and selling their data. The companies originally entrusted with their information helped provide the leaked data, showing a lack of care for privacy.

  Situations like this reinforce the need for strict data protection laws and for companies to refine their data governance approach. 

  Businesses can improve their data governance posturing with managers and other higher-ups setting the right tone at the top. If leadership takes a firm and disciplined approach by setting and adhering to strong policies, the rest of the team will follow and minimise the chances of data misuse and security incidents.

  One way to start is by using tools that make the principles of data ethics easier to follow.

  Ethical web analytics : Drawing insights while respecting privacy

  Web analytics tools are designed to gather data about users and what they do while visiting a site.
  The most popular tool worldwide is Google Analytics (GA). Its brand name and feature set carry a lot of weight, but many former users have switched to alternatives due to dissatisfaction with the changes made in GA4 and reservations about the way Google handles data.

  

  Google is another tech giant that has been slapped with massive GDPR fines for issues over its data processing practices. It has run so afoul of compliance that it was banned in France and Austria for a while. Additionally, in the US Department of Justice’s ongoing antitrust lawsuit against Google, the company’s data tracking has been targeted for both how it affects users and potential rivals.

  Unlike GA, ethical web analytics tools allow websites to get the data they need while respecting user privacy.

  Matomo offers privacy protections like :

  • Providing data anonymisation and IP anonymisation
  • Allowing users the ability to not process personally identifiable information (PII)
  • Disabling the ability to track users across websites by default to make compliance easier
  • Giving users full control over their customer data without the risk of it getting into the hands of third parties
  • Much more

  We’re also fully transparent about how we handle your data on the web and in the Matomo Cloud and in how we build Matomo as an open-source tool. Our openness allows you to be more open with your customers and how you ethically use their data.

  There are other GDPR-compliant tools on the market, but some of them, like Adobe Analytics, require more setup from users for compliance, don’t grant full control over data and don’t offer on-premise options or consent-free tracking.

  Beyond tracking, there are other ways to make a user’s experience more enjoyable and ethical.

  Ethical user experience : User-friendliness, not user-hostility

  When designing a website or application, creating a positive user experience (UX) always comes first. 

  The UI should be simple to navigate, data and privacy policy information should be easy to find and customers should feel welcomed. They must never be tricked into consenting or installing. 

  When businesses resort to user-hostile tactics, the UX becomes a battle between the user and them. What may seem like a clever tactic to increase sign-ups can alienate potential customers and ruin a brand’s image. 

  Here are some best practices for creating a more ethical UX :

  Avoid dark patterns

  Dark patterns are UI designs and strategies that mislead users into paying for, agreeing to or doing something they don’t actually want. These designs are unethical because they’re manipulative and remove transparency and consent from the interaction. 

  In some cases, they’re illegal and can bring lawsuits. 

  In 2023, Italy’s Data Protection Authority (DPA) fined a digital marketing company €300,000 for alleged GDPR violations. They employed dark patterns by asking customers to accept cookies again after rejecting them and placing the option to reject cookies outside the cookie banner. 

  Despite their legality and 56% of surveyed customers losing trust in platforms that employ dark patterns, a review by the Organisation for Economic Co-operation and Development (OECD) found that 76% of the websites examined contained at least one dark pattern.

  

  If a company is worried that they may be relying on dark patterns, here are some examples of what to avoid :

  • Pre-ticking boxes to have users agree to third-party cookies, sign up for a newsletter, etc.
  • Complicated cookie banners without a one-click way to reject all unnecessary cookies
  • Hiding important text with text colour, under drop-down menus or requiring hovering over something with a mouse 
  • “Confirm shaming” users with emotionally manipulative language to delay subscription cancellations or opt out of tracking 

  Improve trust centres

  Trust centres are the sections of a website that outline how a company approaches topics like data governance, user privacy and security. 

  They should be easy to find and understand. If a user has a question about a company’s data policy, it should be one click away with language that doesn’t require a law degree to comprehend.

  Additionally, trust centres must cover all relevant details, including where data is stored and who does the subprocessing. This is an area where even some of the best-intentioned companies may miss the mark, but it’s also an easy fix and a great place to start creating a more ethical web.

  Embrace inclusivity

  People want to feel welcomed to the party — and deserve to be — regardless of their race, ethnicity, religion, gender identity, orientation or ability. 

  Inclusivity is great for customers and companies alike. 

  A study by the Unstereotype Alliance found that progressive marketing drove up short- and long-term sales, customer loyalty and purchase consideration. A Kantar study reported that 75% of surveyed customers around the world consider a company’s diversity and inclusivity when making a purchasing decision.

  An easy place to start embracing inclusivity is with a website’s blog images. The people in photos and cartoons should reflect a variety of different backgrounds.

  Another area to improve inclusivity is by making your site or app more accessible.

  Accessibility ethics : An internet for everyone

  Accessibility is designing your product in a way that everyone can enjoy or take part in, regardless of ability. Digital accessibility is applying this design to the web and applications by making accommodations like adding descriptive alt text to images for users with visual impairments.

  Just because someone has a hearing, vision, speech, mobility, neurological or other impairment doesn’t mean they have any less of a right to shop online, read silly listicles or get into arguments with strangers in the comment section.

  Beyond being the right thing to do, the Fable team shows there’s a strong business case for accessibility. People with disabilities have money to spend, and the accommodations businesses make for them often benefit people without disabilities, too – as anyone who streams with subtitles can attest.

  Despite being a win-win for greater inclusivity and business, much of the web is still inaccessible. WebAIM, a leader in web accessibility, studied a million web pages and found an average of over 55 accessibility errors per page.

  We must all play a more active role in improving the experience of our users with disabilities, and we can start with accessibility auditing and testing.

  An accessibility audit is an evaluation of how usable a site is for people with disabilities. It may be done in-house by an expert on a company’s team or, for better results, a third-party consultant who can give a fully objective audit.

  Auditing might consist of running an automated tool or manually checking your site, PDFs, emails and other materials for compliance with the Web Content Accessibility Guidelines list.

  Accessibility testing is narrower than auditing. It checks how accessibility or its absence looks in action. It can be done after a site, app, email or product is released, but it ideally starts in the development process.

  Testing should be done manually and with automated tools. Manual checks put developers in the position of their users, allowing them to get a better idea of what users are dealing with firsthand. Automated tools can save time and money, but there should always be manual testing in the process.

  Auditing gives teams an idea of where to start with improving accessibility, and testing helps make sure accommodations work as intended.

  Conclusion

  At Matomo, we strive to make the ethical web a reality, starting with web analytics.

  For our users, it means full compliance with stringent policies like GDPR and providing 100% accurate data. For their customers, it’s collecting only the data required to do the job and enabling cookieless configurations to get rid of annoying banners. 

  For both parties, it’s knowing that respect for privacy is one of our foundational values, whether it’s the ability to look under Matomo’s hood and read our open-source code, the option to store data on-premise to minimise the chances of it falling into the wrong hands or one of the other ways that we protect privacy.

  If you weren’t 100% ethical before, it’s never too late to change. You can even bring your Google Analytics data with you.

  Join us in our mission to improve the web. We can’t do it alone ! 

  Try Matomo free for 21 days

  no credit card required