• Home
  • Google Analytics
    • Customizations
    • For Ecommerce
  • Speaking
  • About
    • About Me
    • Contact Me
    • Disclaimer and Privacy Policy

Analytics Talk

Digital Analytics for Business

You are here: Home / About Google Analytics / Understanding The Google Analytics Terms of Service

Understanding The Google Analytics Terms of Service

Posted: June 26, 2007 8 Comments

Private eyes...How many people here have read the Google Analytics Terms of service (TOS)? Anyone? Bueller? If you’re using GA you should know what you can and can not do with the tool, which is outlined in the TOS.

You can find the TOS, in all its glory, here: http://www.google.com/analytics/tos.html

The first part of the TOS is actually very interesting. It defines certain GA terms including:

  • Page View: “Page View” is the unit of measurement for usage of the Service. A Page View is used when the UTM is executed on a web page accessed by a visitor, and processed as part of a Profile. A Page View will be incurred for each instance of the UTM on the web page, and for each Profile receiving information from the UTM for such web page.
  • Profile: “Profile” means the collection of settings that together determine the information to be included in, or excluded from, a particular Report. For example, a Profile could be established to view a small portion of a web site as a unique Report. There can be multiple Profiles established under a single Site.
  • UTM: “UTM” means the proprietary Google Analytics Tracking Code, which is installed on a web page for the purpose of collecting Customer Data, together with any fixes, updates and upgrades provided to you (collectively, the “UTM”).

I especially like the definition of a profile. Many people have trouble understanding that a profile is more than just a website. It’s business rules (filters) applied to a set of data.

But my favorite part is section 7, the PRIVACY section:

7. PRIVACY . You will not (and will not allow any third party to) use the Service to track or collect personally identifiable information of Internet users, nor will You (or will You allow any third party to) associate any data gathered from Your website(s) (or such third parties’ website(s)) with any personally identifying information from any source as part of Your use (or such third parties’ use) of the Service. You will have and abide by an appropriate privacy policy and will comply with all applicable laws relating to the collection of information from visitors to Your websites. You must post a privacy policy and that policy must provide notice of your use of a cookie that collects anonymous traffic data.

I think there are two very interesting things to note about section 7:

First, you can not use GA to collect any personally identifiable information (PII). This means no names, email addresses, IP addresses, etc. One mistake that many people make, inadvertently, is collecting PII in the URL. If you have a form that collects visitor data, and that form passes data via query string parameter, then you may be collecting PII. If you’re unsure if you are collecting PII, just check the top content report. Look for any records that include an email address, name, etc. It’s easy to resolve this issue, just exclude the appropriate query string parameters in the profile settings.

Also, if you’re using any third party solutions make sure that they do not violate the GA TOS.

Second, you must post a privacy policy on your website that informs visitors that you are using a cookie to collect clickstream data. This was a surprise to me. I’m 99% sure that this blog has no posted privacy policy. Doh!

What are the consequences of violating this policy? Honestly, I don’t know. I’ve always advised clients to adhere to this policy as it is in the best interest of their customers. And happy customers are usually a good thing. There are options to integrate GA data with other information… but that’s a completely different blog post.

Filed Under: About Google Analytics Tagged With: google-analytics

Comments

  1. Jacques Warren says

    June 26, 2007 at 10:02 am

    With GA being free and widely implemented (not always with the planning and care a paid solution would tend to bring), I would suggest that most sites haven’t taken the pain of defining a PP, or modified it to include the part about the cookies and stats.

    But then again, who is going to enforce it? Google? The GAACs?

    Reply
  2. Justin says

    June 26, 2007 at 10:19 am

    Hi Jacques,

    You make a great point. Many of the smaller/mid-size companies that we work with do not have a PP.

    As for enforcement, I’m not sure who’s responsibility that is. I know that, as a GAAC, we always advice our clients to follow the GA TOS. We can’t make them do that, but most do follow our advice. I think it makes sense for Google to enforce the policy in the future as GA is their product.

    Thanks for adding to the discussion,

    Justin

    Reply
  3. ML says

    June 26, 2007 at 10:33 am

    I have to say that’s a heck of a last sentence to leave things on. Here’s why: assume I’m using GA data to track offline conversions. Using custom code, GA cookie data is retrieved and submitted with the form data that drives the offline purchasing process. I’m doing this because I have a natural motivation to track what keywords and clickstream profiles are resulting in the most–and most profitable–conversions.

    Problem is, the form data submitted to the offline conversion engine of course contains all sorts of personally identifiable information. Users know full well that they’re entering and submitting this information, and the whole process is voluntary; nevertheless, it is PII. Is there no way to then to use GA to marry keyword and clickstream data to individual transactions if the conversion takes place elsewhere? If the conversion process were entirely online, I’d be using the same data in the same way to the same end, but since GA would strip all PII, I’d never come into conflict with the TOS. The further irony is that I couldn’t care less about marrying clickstream data with individual identities–the only thing important to me is transactions–but identities are all that link the visitor who submits that form to the sale that takes place later, offline. I don’t want to wind up stuck just because my data could technically be reorganized to document clickstream data identity by identity.

    The business for which this data is being collected sells products that amount to enormous capital investments. Transactions of this magnitude aren’t typically executed online, though they frequently start there. Am I right in perceving that the GA terms of service might rule out using the GA cookies to feed offline conversion tracking?

    Reply
  4. June says

    June 27, 2007 at 9:48 am

    Excellent post, Justin.

    For any GA accounts we set up for clients (in their name), we PDF the TOS at time of account setup and send it to the client, stressing that the GA account is their account and they have to agree and accept the TOS by using the GA script on their website. If they have any problems with the TOS, these issues need to be addressed ASAP before work proceeds to add the script, create profiles, filters, etc.

    Aside from the privacy policy, organizations need to pay attention to section 8, Indemnification. This clause may cause angst with some legal departments.

    Process, process, process :)

    Cheers,

    June

    Reply
  5. Justin says

    June 27, 2007 at 2:56 pm

    June,

    What a great idea! I’m going to start doing the same thing with our clients.

    Thanks for sharing.

    Justin

    Reply
  6. emsketch says

    October 14, 2008 at 12:55 pm

    Hi,

    My question is in reference to section 7 of the TOS. It seems as though GA automatically tracks and/or collects user email addresses if you tag links in an HTML email. I found an article that outlines how GA does this. Here is the article:

    http://www.campaignmonitor.com/help/topic.aspx?t=112#subscribers

    By doing this, is GA violating their own TOS? Or is this dependent upon how the user has configured the tagged links?

    Reply
  7. emsketch says

    October 14, 2008 at 3:49 pm

    If GA does not collect any identifiable information, then why does it collect the email addresses of users who click on a tagged link in an HTML email?

    Reply

Trackbacks

  1. Tracking Email with Google Analytics – Analytics Talk says:
    June 1, 2012 at 8:31 am

    […] email address to your GA data using link tagging. While this is possible, keep in mind the GA terms of service specifically forbids the collection of personally identifiable information with Google […]

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

My Books

Google Analytics by Justin Cutroni
Learn More on Amazon.com

Performance Marketing co-authored by Justin Cutroni
Learn More on Amazon.com

Recent Posts

  • Understanding the Google Analytics Cohort Report
  • Using Offline and Online data to drive Google Analytics Remarketing
  • Understanding Cross Device Measurement and the User-ID
  • Universal Analytics: Now out of beta!
  • Advanced Content Tracking with Universal Analytics

Categories

  • About Google Analytics (25)
  • Analysis (52)
  • Analytics Strategy (3)
  • Campaign Tracking (14)
  • Ecommerce (8)
  • Event Tracking (10)
  • Remarketing (2)
  • Reporting (10)
  • Resources (7)
  • Tag Management (5)
  • Tips (25)
  • Tracking (52)
  • Uncategorized (64)
  • Universal Analytics (9)
  • Web Analytics (15)

Copyright © 2023 ·News Pro Theme · Genesis Framework by StudioPress · WordPress