This issue is the master issue where we discuss new features and changes needed in Matomo to make it easier for users be GDPR compliant.
Steps we will take to make Matomo GDPR compliant:
GDPR rights which we won’t cover (at least for now):
We’re planning to finish this work at least 1 month before the GDPR start date of May 25th.
Please check these issues and feel free to comment.
At some point it will be also good to have an action button in the visitor log for "Managing the rights" for that visitor. We would not be able to find the same visitor across sites though very likely. It may be useful though as it can offer a lot of flexibility in finding visitors (for one site).
And we'll likely also build a new very useful little tool: Personal Data Anonymisation & Removal tool #12641
As the current "Settings" and GDPR Tools and GDPR Manager menu entries all refer to different tools and maybe we can simply the structure like something like this:
Could you also create a stripped-down "non personal data" only version of Matomo (that could be selected in the settings)?
That stripped-down version would not collect personal at all. For example, only the following could be tracked:
As far as I understand it, such a Matomo version would be GDPR compliant without the need to show a cookie banner and without the need for consent (as no personal data is collected).
I don't think we will be working on this, however, you can disable plugins to trim down the amount of features and data being recorded etc.
stripped-down version would not collect personal at all
This could be a bit misleading as for example page titles, page URLs, or even campaign names may include personal data.
Hi Everyone, we have released the GDPR Compliant Matomo in 3.5.0-b2 -> Please help us test all the new tools! You can grab it from the beta release channel, learn more: http://piwik.org/faq/how-to-update/faq_159/
Your feedback welcome, please open new issue if you have any feedback or find a bug :rocket: