Generate a Disclaimer explaining analytics data tracking and privacy

matomo-org / matomo

Empowering People Ethically with the leading open source alternative to Google Analytics that gives you full control over your data. Matomo lets you easily collect data from websites & apps and visualise this data and extract insights. Privacy is built-in. Liberating Web Analytics. Star us on Github? +1. And we love Pull Requests!

https://matomo.org/

GNU General Public License v3.0

19.64k stars 2.62k forks source link

Generate a Disclaimer explaining analytics data tracking and privacy #3725

Open nullnull-00 opened 11 years ago

nullnull-00 commented 11 years ago

It would be nice to have some kind of automatically generated disclaimer ("This site uses PIWIK web analytics...") which pays attention to local PIWIK settings (e.g. anonymize IP enabled/disabled). This could be added to the privacy manager plugin in a text area from where it can be copied and pasted into the tracked website. Keywords: disclaimer

mattab commented 10 years ago

I think the Disclaimer is a great idea to consider separately from the opt-out iframe, reopening the issue, refs #2889

Proposed Information displayed in the disclaimer:

Quick explanation that Piwik is a web analytics software storing user actions logs in a database,
that the logs are stored for N months
(that the server is hosted in country X and data legislation of X apply)
(that IP is anonymized when at least 2 bytes are anonymized)
(list all data points possibly measured by Piwik)
(that DoNotTrack support is enabled in this Piwik ie. display status)
(later maybe we could link to a more complete Piwik Privacy policy page hosted on this piwik)
(maybe we could display a Privacy Seal for users that have enabled all privacy settings #6173)
do we care to check config settings such as enable_fingerprinting_across_websites=0
...

This text would be generated by an API and available in any format, but also would be embeddable via a widget in any web page or app.

mattab commented 9 years ago

Along with #5907 this will conclude our effort to bring Privacy by default in Piwik installs. Moving to 2.10.0!

see also #6160

mattab commented 9 years ago

from RMS:

I have an public relations idea.

If a site tracks visits through Piwik with the default level of data
collection or less, and does not send any data to any third party,
it could display a symbol sayin "Piwik Privacy".  This would stand
for a certain level of privacy protection, since the only data that
the site would have about a user is

* What Piwik collects, in its default mode, and
* Whatever info the user explicitly gave to the site.

Thus, even if the site commits the worst possibe betrayal.
it can't tell anyone more than that.

tsteur commented 9 years ago

It should be mentioned there that we still recommend people to contact a local lawyer to figure out which information is necessary on a website. Maybe in some countries, such as Germany, they have to put some other specific information on it (and translated). Just to make sure people don't think they can copy/paste this text and everything is good.