Can you use Google Optimize and be GDPR compliant?

To understand the problem behind Google Optimize, GDPR and cookie consent we need to look at the way Google Optimize works.

A (very) simplified process looks like that:

  1. A visitor requests a web-page.
  2. Before the page is fully loaded both Google Optimize AND Google Analytics get loaded.
  3. Google Optimize changes a part of the page before it is shown to the user.
  4. Google Analytics tracks the statistics and conversions.

The second point is very important here. Google Optimize requires Google Analytics to be installed and running.

What this means is that we not only should we be concerned with GDPR compliance with Google Optimize but also with Google Analytics.

And now, let’s look what GDPR requiremes us to do.

What does GDPR really require from you?

I already talked about the confusion around GDPR and Cookie Law so there is no point in repeating that.

If you read it you know that requirements set in front of website owners differ from country to country and so, the process of enabling Google Optimize itself can be different… from country to country.

Of course, you could take the problem head on and do just that – a different solution in each region. But what kind of solution is it really? How cost (in)effective?

My solution to this problem is not really a solution but a recommendation – to always took at the strictest regulation and adjust to that. This way you don’t need to worry if you are GDPR compliant in all countries and you don’t need to be always on the lookout for updates in regulations.

And what are these strict regulations?

For Google Analytics:

  1. We can’t track and later store any publicly indentifiable information on Google’s servers (since they don’t comply with EUs requirements)
  2. We can’t initiate Google Analytics before a user gives their consent to storing cookies required by GA
  3. In the cookie notice we must clearly state that the data is collected by Google Analytics and that it will be transfered to and processed in the US on servers that don’t comply with EUs requirements for data protection.

And for Google Optimize:

  1. We need to obtain consent to use cookies required by Google Optimize

Only after both consents are given can we load Google Analytics and Optimize.

What does this all mean for you?

The above requirements severly limit how you can use Google Optimize. To be more precise:

  1. Google Optimize cannot run until the user gives their permission to storing cookies required by GA and GO.
  2. Running any A/B tests for new visitors is no longer a viable option since they will be able to see the original page until they agree to cookies. Testing landing pages is not possible.

If you have any questions please leave a comment below.

Leave a Reply

Your email address will not be published. Required fields are marked *

Table of Contents

Categories

Get a 50% early-bird discount and a chance to win a free licence?!

Subscribe to the launch notification