Configurator
Configuring your analytics solution is important.
The GDPR, as well as the control authorities, regulate today the use of personal data, and the conditions of use of trackers on your digital platforms.
A bad configuration can expose you to bad quality data, an impacted brand image and financial penalties.
This "Compliance" category aims to help you choose a configuration that best suits your needs, whether they are business or legal.
Global table
Because Piano Analytics is being used over many countries, and many companies, several configurations currently exist.
Here is a global table to see which configuration would suit your needs:
| Configuration | France | European Union | World |
|
OPT-IN BY DEFAULT |
✘ | ✘ | ✔ |
|
OPT-OUT BY DEFAULT |
✔ | ✔ | ✔ |
|
NO CONSENT BY DEFAULT |
✔ | ✔ | ✔ |
|
MATCHING |
✔ | ! Only with Data Protection Authority validation | ✔ |
|
CNIL EXEMPTION |
✔ | ✘ | ✘ |
|
HYBRID ANALYTICS |
✔ | ✘ | ✘ |
Important
Please refer to your legal/dpo teams or data protection authority to validate the use of the appropriate configuration.Detailed summary
All these configurations are listed from the less privacy compliant to the most privacy compliant approach but here are a bit more details.
Opt-in by default
No consent is asked, the visitor is by default considered as opt-in and any data can be sent.
Opt-out by default
Consent is asked, but visitors are considered as opt-out (only visible in Privacy Analysis) before they optin, only then any data can be sent.
No consent by default
Consent is asked but visitors are considered as no-consent (a free option makes them only visible in Privacy analysis) before they optin, only then any data can be sent.
Matching
Before consent was expressed, a visitor ID is given and changing from one page to the other preventing visitor identification until opt-in.
When the visitor decides to opt-in, his last visitor ID is reused and fixed for the rest of his visit and later visits.
CNIL Exemption
No consent is asked, visitors are considered as exempt and fill our analysis outside the Privacy analysis.
Since no consent is asked, visitors cannot opt-in therefore, they cannot be identified as users or send any personal data.
Hybrid Analytics
Just like CNIL Exemption but with the ability to opt-in.
Consent is asked but visitors are considered as exempt before they opt-in.
Only when they do opt-in their user identification and personal data can be sent.
Important
All of these methods listed above require a clear mention of a way to opt-out, in any country, on any site using analytics.