How to be GDPR compliant with DNN Google Analytics Advanced

Please note that this blog post is based on our own research and interpretation of the General Data Protection Regulation (GDPR). We can’t guarantee that the information provided here is correct and complete. To be safe, please contact your legal counsel to make sure your organization meets all requirements to be GDPR compliant.

The General Data Protection Regulation (GDPR) is a European Union (EU) data privacy regulation that goes into full effect on May 25, 2018. If you use Google Analytics in your DNN environment, you might have some actions to perform.

The purpose of the blog post is to summarize the actions you should execute and how they can be performed easily with our module DNN Google Analytics Advanced.

Enable IP anonymization

You should enable the Google Analytics feature for anonymizing the IP addresses. If you use our module DNN Google Analytics Advanced this can be done by activating the checkbox “Anonymize IP” in the portal settings (see our documentation for more details).

If you already collected tracking data with Google Analytics before enabling the IP anonymization, you should delete the property including all its data and create a new one.

Include an opt-out option in your data privacy

You should provide an option for your visitors to opt-out from the Google Analytics tracking in your data privacy. You should link Google’s “Google Analytics Opt-out Browser Add-on” (link) and provide a cookie opt-out option for browsers that are not supported by the add-on. If you use DNN Google Analytics Advanced you can use the following HTML code that creates a link which uses JavaScript to set the opt-out cookie (see our documentation for more details):

<a href="javascript:weweave.dnngaa.optOut()" onclick="alert('Opt-out successful');">clicking this link</a>

Use “User-ID feature” only after opt-in

You should disable the “User-ID feature” unless you have explicitly asked your (registered) users for their permission to enable this feature. If you do not have your users’ opt-in and you use DNN Google Analytics Advanced, make sure “Enable User-ID feature” is disabled in the portal settings (see our documentation for more details).

Update your Google Analytics account

You should accept the “Data Processing Amendment” in your Google Analytics account (under Admin > Account Settings > Data Processing Amendment).

For each property you should also update the “Data Retention” settings (under “Tracking Info”) and set “User and event data retention: 14 months” and “Reset on new activity: Off”.

Make sure page titles and URLs do not contain personal information

You should make sure your URLs and page page titles do not expose any personal information like e-mail addresses or names. Especially make sure that such information are not passed from one page to another by using the URL query string (like …[email protected]).

DNN Dynamic Roles 02.02.00 released

We’re happy to announce the availability of DNN Dynamic Roles 02.02.00. These release adds support for two new roles “profileProperty” and “title” (see documentation for more details) and we fixed a minor license validation issue. Continue reading

DNN Dynamic Redirect 01.03.01 released

We’re happy to announce the availability of DNN Dynamic Redirect 01.03.01. This release is a maintenance release that fixes compatibility problems with DNN 7. Please note, that the minimum DNN version now is 07.03.01. Continue reading

weweave Commerce 2018031101 released

Today we’ve released a new version of our open-source customer portal weweave Commerce. Version 2018031101 adds better compliance with the requirements of the EU-DSGVO / General Data Protection Regulation (GDPR). This new European law becomes effective in May 2018, so you’ll better be prepared. Continue reading

WP Ajaxify Comments 1.5.1 released

WP Ajaxify Comments 1.5.1 is here! We’ve fixed a small bug that could lead to a “Undefined variable: wpac_options” message. Continue reading

DNN Dynamic Redirect 01.03.00 released

We’re happy to announce the availability of DNN Dynamic Redirect 01.03.00. This release backports all features and fixes that we added in version 02.XX.XX (up to 02.02.01) of DNN Dynamic Redirect back to the module version that is compatible with DNN 7. Check out our release notes to see what we did up to version 02.02.01 and what is now also available for DNN 7. Continue reading

DNN Dynamic Redirect 02.03.00 released

We’re happy to announce the availability of DNN Dynamic Redirect 02.03.00. This release adds the a feature that allows you to easily import your redirects from a CSV file. Moreover this releases fixes a minor problems in the validation logic when adding or updating a redirect. Continue reading

DNN Hardening 02.00.01 released

We’re happy to announce the availability of DNN Hardening 02.00.01. This is a minor release that fixes a problem for the HTTP Strict Transport Security header. Continue reading

DNN Hardening 02.00.00 released

We’re happy to announce the availability of DNN Hardening 02.00.00. This major release adds compatibility to DNN 8 and DNN 9. Moreover this version contains a lot of new features to secure your DNN system. Continue reading

DNN Google Analytics Advanced 03.01.02 released

We’re happy to announce the availability of DNN Google Analytics Advanced 03.01.02. This maintenance release fixes a minor license validation error (licenses were shown mistakenly “as expired”). Continue reading