How to configure Google Analytics in Compliance with the GDPR

Are you the kind of person that wonders ‘How many visited yesterday?’ instead of ‘Who visited yesterday?’ Keep reading. I’ll show you how to configure Google Analytics in compliance with the GDPR — and as a bonus, help you get rid of that cookie notice.

Recently I set up a cookie notice on my site, because I was under the impression that was necessary to comply with the new GDPR laws. So, after I published an update to CAOS and wrote a how-to for my users on how to use CAOS’ new Settings I found out that none of it was actually necessary. Because, basically, you only need to ask for permission if you want to re-use your visitors’ data (e.g. remarketing).

Configuring Google Analytics to be Privacy Friendly

If you use Google Analytics, technically you’re processing data of your visitors. The GDPR is all about asking permission to your visitors — prior consent. If you don’t (or don’t want to) ask for permission, these 6 steps will help you to configure Google Analytics to handle your visitors’ privacy responsibly so you can remove that Cookie Notice.

Disclaimer: all information in this post is translated or derived from guides provided by the Dutch Personal Authority. I can give you no guarantee that following these steps will make you compliant with the version of the GDPR where your business is located, although I’m pretty sure that these laws are practically the same in the entire European Economic Space (EES).

1. Accept the Data Processing Amendment

Wow… That sounds fancy, right? It basically means that you have to agree to the fact that Google will act as the processor of all your visitor’s personal data.

Here’s how you do it. Make sure you’re logged in to your Google Analytics-dashboard, and:

  1. Click ‘Admin‘.
  2. Click ‘Account Settings‘.
  3. Scroll down to a header, called ‘Data Processing Amendment‘.
  4. Click on ‘Updated Amendment‘. If you’ve already agreed to it, it’ll show ‘Review Amendment‘.
  5. In the pop-up, click ‘Done‘ and after the pop-up’s closed, click ‘Save‘.

2. Disable Data Sharing

By default, using Google Analytics means that you agree with Google using the data you provide for its own marketing and technical purposes. This includes benchmarking and improvement of Google’s services. To fully comply, you need to disable these settings:

Remove Cookie Notice - Disable Data Sharing Settings in Google Analytics
Disable Data Sharing Settings in Google Analytics
  1. Click ‘Admin‘.
  2. Click ‘Account Settings‘.
  3. Scroll down to ‘Data Sharing Settings‘ and remove all checkboxes.
  4. Click ‘Save‘.

Sadly this doesn’t mean that Google will immediately remove all visitors’ data you’ve already sent. But at this point, they aren’t allowed to use it anymore — for technical and marketing purposes that is.

3. Disable Data Collection for Advertising Features

You told ’em once. Now tell ’em twice! You told Google to stop using your visitors’ data. But technically you only told them to stop using it for in-house purposes.

Apparently there’s a technical difference between using data and processing data. Using data for technical improvement, benchmarking or e.g. access by an accountancy team is different from processing data for advertising features.

In order to completely disable the usage of your visitors’ data and respect their privacy, you need to do the following:

Remove Cookie Notice - Disable Data Collection for Advertising Features
Disable Data Collection for Advertising Features
  1. Click ‘Admin‘.
  2. In the middle column, underneath ‘Property‘, select ‘Tracking Info‘ and ‘Data Collection‘.
  3. If you’re using Adsense or Adwords, the two visible options will be enabled by default. Disable them.
  4. Click ‘Save‘.

4. Make sure the User-ID feature is disabled

The User-ID feature lets you associate engagement data from different devices and multiple sessions, so you can discover how users interact with your content over an extended period of time. Luckily, it can easily be disabled.

  1. Click ‘Admin‘.
  2. In the middle column, underneath ‘Property‘, select ‘Tracking Info‘ and go to ‘User-ID‘.
  3. If the toggle at the end of the page is turned off, you’re done. If not, disable it and click ‘Save‘.


After you’ve followed all of the above steps you’ve done everything you can to protect your visitors’ private data. It also means that you can almost remove that stupid Cookie Notice from your blog. Google Analytics will from now on respect your visitors privacy. You’ve used all options available in the Dashboard to protect your users’ data. But you’re not done yet. To fully comply to the GDPR you need to make some adjustments in your Analytics tracking-snippet.

  • ❤️ it? Share it!

    About The Author

    14 thoughts on “How to configure Google Analytics in Compliance with the GDPR”

    1. Hi Daan, absolutely perfect WordPress Plugin with an easy setup and a very useful article on “How to setup Google Analytics to be GDPR Compliant”. Everything was already disabled on GA but I didn’t know th IP disabled trick. Thanks a lot!

    2. Hi, do you know how people are getting around the ‘essential cookies’ default and not being able to use Google Analytics? Is there some sort of plugin to get around this limitation?

    3. Hello,
      according to the new (april 2nd 2021) CNIL post and my understanding, users should have the choice to refuse cookies, period, cookiewall might be not forbidden.

      Translated by Google:

      Any answer appreciated

    Leave a Comment

    Your email address will not be published. Required fields are marked *

    This site uses Akismet to reduce spam. Learn how your comment data is processed.

    Shopping Cart
    • Your cart is empty.