Turn on/off GDPR Compliance On the Website
Turning the GDPR compliance on/off has a great impact on firing tags mechanism. These features change how tags are triggered and how data is collected:
GDPR compliance is off – visitors are opted-in by default
GDPR compliance is on – visitors are opted-out by default and Piwik PRO Consent Manager serve consent form pop-up for new visitors.
To turn the GDPR compliance on/off, follow these steps:
1. Log in to Piwik PRO.
2. Go to Menu > Administration.
3. Click Add new website or app button. If you want to change settings for one of the existing sites, please go to the step 5)
4. Type website name and website’s URL and confirm clicking the OK button.
5. Pick up the website and scroll down to find the GDPR compliance settings on the Privacy section:
a) status: enabled – visitors will be opted-out by default and Piwik PRO Consent Manager will serve consent form pop-up for new visitors.
b) status: disabled – visitors will be opted-in by default
6. Click Configure to change the settings.
7. Turn on
Restrict GDPR compliance only to EU visitors option if you want to serve consent form popup only for visitors from countries which respects GDPR. This option base on visitor’s GeoIP.
If the option is turned on, then consent form pop-up will be fired for visitors from the particular countries. Full list of countries:
Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, UK, Iceland, Liechtenstein, Norway, Switzerland.
Please note this list may change in future.
8. Turn on Anonymous data tracking if you want to enable collection of non-identifiyng visitor data in the absence of consent.
Thanks to that you’ll be able to build own consents form with the behavior you expect.
If you’ll use the API you won’t be able to use options like:
- Predefined consent widgets (visual editor);
- Reacquire visitor’s consent;
- Consents content won’t be available in visitor’s consents history;
- You’ll be able to see visitor’s consents decisions (with no content).
10. Set Custom privacy cookie domains
Set Custom privacy cookie domains if your website’s snippet will be implemented on more than one domains.
We use domain pattern list separated by comma, for example: *.piwik.pro, blog.piwik.pro, kariera.clearcode.cc.
Wildcard pattern at the beginning is possible as you can see above. *.piwik.pro works, but blog.*.piwik.pro not.
There is only one rule for writing and reading from a cookie on browser side: only one cookie is being used. This causes some impacts and you should be fully aware of all of them (more information below).
Shortest wildcard pattern has precedence. For example, if a user fills patterns: *.piwik.pro, *.blog.piwik.pro and current website is tech.blog.piwik.pro, wildcard cookie will be created for *.piwik.pro.
If patterns change after “publishing” initial configuration and some visitors have already saved cookies on the browser and we determine different cookie for privacy settings, pop-up with consents will display again and a user will have to decide again. We don’t copy any previous values and merge them with current ones because it causes a lot of pitfalls. This situation may happen when a user adds/removes wildcard.
If patterns contain piwik.pro without wildcard indicator, then we create an isolated cookie on piwik.pro domain, so settings are not visible on kariera.piwik.pro.
11. Set privacy cookie expiration period
By default, the Privacy Cookie is set for 12 months and it’s counted since a visitor’s last interaction.
You can change this value if you want to keep shorter or longer cookie expiration date.
12. To save the changes click OK.
Please note that clicking on the OK button equals turning on/off GDPR compliance without the need for publishing it in Tag Manager or Consent Manager.