@mattab opened this Issue on March 6th 2018 Owner

This issue is the master issue where we discuss new features and changes needed in Matomo to make it easier for users be GDPR compliant.

With Matomo, privacy is built-in. We offer several privacy controls already, but this is not enough for GDPR compliance.

Steps we will take to make Matomo GDPR compliant:

  • GDPR - Overview / Info Screen #12594
  • GDPR - Rights to access data #12595
  • GDPR - Right to erasure or right to be forgotten #12596
  • GDPR - Right to rectification #12597
  • GDPR - The data subject right to restriction of processing & The right to withdraw consent #12598
  • GDPR - The right to be informed #12599

GDPR rights which we won’t cover (at least for now):

  • GDPR - Right to data portability: Not applicable to Matomo.
  • GDPR - Rights around automated decision making and profiling: By default, automated decision making and profiling is not possible with Matomo so we won’t cover this right, at least for now.

We’re planning to finish this work at least 1 month before the GDPR start date of May 25th.

Please check these issues and feel free to comment.

@tsteur commented on March 7th 2018 Owner

At some point it will be also good to have an action button in the visitor log for "Managing the rights" for that visitor. We would not be able to find the same visitor across sites though very likely. It may be useful though as it can offer a lot of flexibility in finding visitors (for one site).

Powered by GitHub Issue Mirror