Telekommunikation-Telemedien-Datenschutz-Gesetz (aka TTDSG) is privacy law that restricts how German citizens’ data is collected and processed. This law doesn’t replace the European GDPR, but only strengthens privacy protection in Germany. It came into force on December 1, 2021, and applies to digital businesses and organizations.
In short, to comply with TTDSG, you need to receive visitors’ consent to store cookies or access their device data like screen resolution, browser plugins and the like. In this article, we’ll show you a few ways to set up Piwik PRO and follow the TTDSG guidelines. But before you decide on one, consult your legal team.
Ask visitors for consent
One way is to use a consent form on your site and ask visitors for consent. You can then collect all data from visitors who consent, and for visitors who don’t, you can pick one option:
- Collect data without using cookies
- Don’t collect data (The safest option.)
To make sure that Piwik PRO won’t read data from the visitor`s device without consent, you’ll need to turn on an additional option: Don’t collect visitor’s device data.
Here’s how the whole setup could look like:
- Apply the GDPR guidelines. Read more
- Turn on Ask visitors for consent and turn on Collect data without using cookies.
Setting: Administration > Sites & apps > Privacy > Ask visitors for consent (on) + Collect data without using cookies (on)
Settings in versions below 16.0.0: Administration > Websites & apps > Settings > Ask visitors for consent (on) + Collect data without using cookies (on)
or
Turn on Ask visitors for consent and turn on Don’t collect data.
Setting: Administration > Sites & apps > Privacy > Ask visitors for consent (on) + Don’t collect data (on)
Settings in versions below 16.0.0: Administration > Websites & apps > Settings > Ask visitors for consent (on) + Don’t collect data (on)
Note: Some triggers in Tag Manager create cookies to work correctly. If you use one of the following conditions in triggers, we’ll set a cookie:
- Event condition > Traffic source
- Event condition > Returning visitor
- Event condition > Campaign
- Event condition > External referrer
- Multiplicity > Fire tag once per session
- Multiplicity > Fire tag multiple times per session, excluding first
- Multiplicity > Fire tag once per page view
Make sure that tags with those triggers are set with the right consent type.
We also set essential cookies that store visitor’s consent decision. More about cookies
Tip: For more, see a comparison of all privacy modes in Piwik PRO.
- Turn on Don’t collect visitor’s device data. With this option turned on, you won’t read screen resolution and browser plugins from a visitor’s device without consent.
Setting: Administration > Sites & apps > Privacy > Don’t collect visitor’s device data (on)
Settings in versions below 16.0.0: Not available
Note: Make sure that you don’t use any other technology that would access the end-user terminal equipment.
Don’t ask visitors for consent
Another way is to give up cookies and collect less accurate visitor data. With this method, you don’t need to ask for cookie consent. You’ll still need to make sure that Piwik PRO won’t read visitor’s device data and use an additional option: Don’t collect visitor’s device data.
Here’s how the whole setup could look like:
- Apply the GDPR guidelines. Read more
- Turn off Ask visitors for consent and turn off Use visitor cookies.
Setting: Administration > Sites & apps > Privacy > Ask visitors for consent (off) + Use visitor cookies (off)
Settings in versions below 16.0.0: Administration > Websites & apps > Settings > Ask visitors for consent (off) + Use visitor cookies (off)
Note: Some triggers in Tag Manager create cookies to work correctly. If you use one of the following conditions in triggers, we’ll set a cookie:
- Event condition > Traffic source
- Event condition > Returning visitor
- Event condition > Campaign
- Event condition > External referrer
- Multiplicity > Fire tag once per session
- Multiplicity > Fire tag multiple times per session, excluding first
- Multiplicity > Fire tag once per page view
If you don’t want to use these cookies, don’t set these conditions in the trigger. More about cookies
Tip: For more, see a comparison of all privacy modes in Piwik PRO.
- Turn on Don’t collect visitor’s device data. With this option turned on, you won’t read screen resolution and browser plugins from a visitor’s device.
Setting: Administration > Sites & apps > Privacy > Don’t collect visitor’s device data (on)
Settings in versions below 16.0.0: Not available
Note: Make sure that you don’t use any other technology that would access the end-user terminal equipment.
Note: For more on TTDSG, see the following articles: