@nikeee opened this Issue on May 30th 2018

Hobbyists, that are using GitHub Pages for their project, they need to have Matomo installed on a different subdomain. E. g. the main page is at example.com and the Matomo installation is reachable at analytics.example.com.

As a hobbyist, I wonder what exactly I have to do to become GDPR complaint. Assume that the only thing I want to know is how the site is doing (visists per day and maybe returning visit rate). Since the actual page on example.com runs on GitHub Pages, the hobbyist does not have access to the server log.

Does one need a cookie-notice in this case? What about cookies in the first place? Do I need a privacy policy? Or does the "anonymize IP addresses" checkbox on the last page of the setup suffice?

@Findus23 commented on May 30th 2018 Member

We can't give you legal advice, so take my recommendations with a grain of salt (It also depends on what countries interpretation of GDPR you read):

Assuming your website doesn't have any private data on it and has no interactivity, you should probably be good to go if you follow this guide:
https://matomo.org/blog/2018/04/how-to-not-process-any-personal-data-with-matomo-and-what-it-means-for-you/

In addition you need a privacy policy where you transparently mention all data you are collecting.
Take a look at this template: https://forum.matomo.org/t/privacy-policy-template/28389 (but again I can't provide any warranty that it fits your use case)

This Issue was closed on May 30th 2018
Powered by GitHub Issue Mirror