Piwik

Les articles publiés sur le site

• GDPR : How to fill in the information asset register when using Matomo ?

  4 avril 2018, par InnoCraft

  Disclaimer: this blog post has been written by digital analysts, not lawyers. The purpose of this article is to explain you in details how we filled in the information asset register for Matomo. This work comes from our interpretation of the UK privacy commission resources (ICO). It cannot be considered as professional legal advice. So as GDPR, this information is subject to change.

  The information asset register is for us one of the most important parts of the GDPR implementation process. It consists of an inventory of all information systems you are using to process personal data, exactly like a ledger for an accountant. Note that small and medium-sized organizations could be exempted.

  Filling out this register can be a time-consuming activity. Therefore, we decided to show you a real case sample which we did for Matomo Analytics

• How to make Matomo GDPR compliant in 12 steps

  3 avril 2018, par InnoCraft

  Important note: this blog post has been written by digital analysts, not lawyers. The purpose of this article is to briefly show you where Matomo is entering into play within the GDPR process. This work comes from our interpretation of the UK privacy commission: ICO. It cannot be considered as professional legal advice. So as GDPR, this information is subject to change. We strongly advise you to have a look at the different privacy authorities in order to have up to date information.

  The General Data Protection Regulation (EU) 2016/679, also referred to RGPD in French, Datenschutz-Grundverordnung, DS-GVO in German, is a regulation on data protection and privacy for all individuals within the European Union. It concerns organizations worldwide dealing with EU citizens and will come into force on the 25th May 2018.

  The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. It includes cookies, IP addresses, User ID, location, and any other data you may have collected.

  We will list below the 12 steps recommended by the UK privacy commissioner in order to be GDPR compliant and what you need to do for each step.

  The 12 steps of GDPR compliance according to ICO and how it fit with Matomo

  As mentioned in one of our previous blog post about GDPR, if you are not collecting any personal data with Matomo, then you are not concerned about what is written below.

  If you are processing personal data in any way, here are the 12 steps to follow along with some recommendations on how to be GDPR compliant with Matomo:

  1 – Awareness

  Make sure that people within your organization know that you are using Matomo in order to analyze traffic on the website/app. If needed, send them the link to the “What is Matomo?” page.

  2 – Information you hold

  List all the personal data you are processing with Matomo within your record of processing activities. We are personally using the template provided by ICO which is composed of a set of 30 questions you need to answer regarding your use of Matomo. We have published an article which walks you through the list of questions specifically in the use case of Matomo Analytics. Please be aware that personal data may be also tracked in non-obvious ways for example as part of page URLs or page titles.

  3 – Communicating privacy information

  a – Add a privacy notice

  Add a privacy notice wherever you are using Matomo in order to collect personal data. Please refer to the ICO documentation in order to learn how to write a privacy notice. You can learn more in our article about creating your privacy notice for Matomo Analytics. Make sure that a privacy policy link is always available on your website or app.

  b – Add Matomo to your privacy policy page

  Add Matomo to the list of technologies you are using on your privacy policy page and add all the necessary information to it as requested in the following checklist. To learn more check out our article about Privacy policy.

  4 – Individuals’ rights

  Make sure that your Matomo installation respects all the individuals’ rights. To make it short, you will need to know the features in Matomo that you need to use to respect user rights (right of access, right of rectification, right of erasure…). These features are available starting in Matomo 3.5.0 released on May 8th: GDPR tools for Matomo (User guide).

  5 – Subject access requests

  Make sure that you are able to answer an access request from a data subject for Matomo. For example, when a person would like to access her or his personal data that you have collected about her or him, then you will need to be you able to provide her or him with this information. We recommend you design a process for this like “Who is dealing with it?” and check that it is working. If you can answer to the nightmare letter, then you are ready. The needed features for this in Matomo will be available soon.

  6 – Lawful basis for processing personal data

  There are different lawful basis you can use under GDPR. It can be either “Legitimate interest” or “Explicit consent”. Do not forget to mention it within your privacy policy page. Read more in our article about lawful basis.

  7 – Consent

  Users should be able to remove their consent at any time. By chance, Matomo is providing a feature in order to do just that: add the opt-out feature to your privacy policy page.
  We are also offering a tool that allows you optionally to require consent before any data is tracked. This will be useful if a person should be only tracked after she or he has given explicit consent to be tracked.

  8 – Children

  If your website or app is targeted for children and you are using Matomo, extra measures will need to be taken. For example you will need to write your privacy policy even more clear and moreover getting parents consent if the child is below 13. As it is a very specific case, we strongly recommend you to follow this link for further information.

  9 – Data breaches

  As you may be collecting personal data with Matomo, you should also check your “data breach procedure” to define if a leak may have consequences on the privacy of the data subject. Please consult ICO’s website for further information.

  10 – Data Protection by Design and Data Protection Impact Assessments

  Ask yourself if you really need to process personal data within Matomo. If the data you are processing within Matomo is sensitive, we strongly recommend you to make a Data Protection Impact Assessment. A software is available from the The open source PIA software helps to carry out data protection impact assessment, by French Privacy Commissioner: CNIL.

  11 – Data Protection Officers

  If you are reading this article and you are the Data Protection Officer (DPO), you will not be concerned by this step. If that’s not the case, your duty is to provide to the DPO (if your business has a DPO) our blog post in order for her or him to ask you questions regarding your use of Matomo. Note that your DPO can also be interested in the different data that Matomo can process: “What data does Matomo track?” (FAQ).

  12 – International

  Matomo data is hosted wherever you want. So according to the location of the data, you will need to show specific safeguard except for EU. For example regarding the USA, you will have to check if your web hosting platform is registered to the Privacy Shield: privacyshield.gov/list
  Note: our Matomo cloud infrastructure is based in France.

  That’s the end of this blog post. As GDPR is a huge topic, we will release many more blog posts in the upcoming weeks. If there are any Matomo GDPR topic related posts you would like us to write, please feel free to contact us.

  The post How to make Matomo GDPR compliant in 12 steps appeared first on Analytics Platform - Matomo.

• How to install a Matomo premium feature

  31 janvier 2018, par InnoCraft

  You may have noticed over the last few months that many fantastic new features have been launched on the Matomo Marketplace. As some of them are paid premium features, you may wonder if the process to install them is straightforward, if you can test them before, and whether there is any support behind it. No worries – we’ve got you covered! This blog post will answer some questions you may have about getting your first premium plugin.

  So why are there some premium features?

  Researching, building, documenting, testing and maintaining quality products take years of experience and months of hard work by the team behind the scenes. When you purchase a premium plugin, you get a fully working product and you directly help the Matomo core engineers to grow and fund the new Free Matomo versions and cool features.

  However, it is important for us to mention that Matomo will always be free, it is a Free software under GPLv3 license and it will always be the same.
  Want to know more about this? Check out our FAQ about why there are premium features.

  Can I test a premium feature before a purchase?

  Absolutely. There are two ways in order to do that:

  1. InnoCraft Matomo Cloud
  2. Matomo Marketplace

  1. InnoCraft Matomo Cloud

  The easiest way is to create a free trial account (one minute of your time) on our Matomo cloud service. You will then have the possibility to test all the premium features during a 30-day trial period. No credit card is required.

  

  Every premium feature can be trialled for free on the Matomo Cloud

  2. Matomo Marketplace

  The second way is to get the premium feature from the Matomo Marketplace. We have an easy and hassle-free 30-day money back guarantee period on each feature. This means that if you are not happy with a premium feature and you are within the 30-day period, then you will get a full refund for it. Guaranteed!

  How to purchase and install a premium feature?

  Step 1: Purchasing the feature

  In order to get a premium feature, just add it to the cart:

  

  Once done, go to your cart and complete the checkout process to confirm the order.

  When the order is confirmed, you immediately get your license key on the order confirmation page. You also receive the license key by email.

  Step 2: Activating the feature in your Matomo

  Now that you have received the license key, it is time to activate the plugin in your Matomo:

  • Log in to your Matomo and go to “Administration => Marketplace
  • Copy / paste the license key into the license field at the top of the page and click “Activate”

  

  • The key will now be activated and you will see a couple of new buttons.

  

  • To install the premium feature(s) you just purchased in one click, simply click on “Install purchased plugins”. Alternatively, you can scroll down in the Marketplace to the premium feature you purchased and click on “Install”. You can also download the ZIP file on https://shop.matomo.org/my-account/downloads

  And that’s it. The installation of a premium feature is as easy as copy/pasting the license key and clicking a button. Because one license key is linked to all purchased premium features, you only need to enter the license key once. The next time you purchase a premium feature, you simply click on “Install” to have it up and running.

  Updating a premium feature

  Updates for premium features work just like regular plugin updates. When there is a new update available, you will see a notification in the Matomo UI and also receive an email (if enabled under “General Settings”). To upgrade the feature simply click on “Update” and you’re done.

  Which support is provided for each of those premium features?

  Premium features represent most of our day to day activity, so you can be 100% sure that we will do our maximum in order to answer any of your questions regarding them. To be 100% transparent, we often receive answers from our customers telling us how impressed they are by the quality of the service we are offering.

  Have any questions?

  We are happy to answer any questions you may have so feel free to get in touch with us.

  Thanks!

  The post How to install a Matomo premium feature appeared first on Analytics Platform - Matomo.

• It’s January 28th : Let’s celebrate Data Privacy !

  29 janvier 2018, par Matomo Core Team

  It is a special Sunday here for us at Matomo, as today is international Data Privacy Day. The day was created in 2007 to raise awareness of the importance of data privacy for people and businesses worldwide.

  

  What is data privacy about?

  Personal data refers to any data which is collected and can be linked to an individual human being such as phone records, credit card transactions, GPS position, IP addresses, browsing history… So basically, personal data refers to your identity online. That is why you should be highly concerned about sending your personal data (or your customers’ personal data) away. It is important to be aware of who is collecting the information and how it is being used.

  What big changes are happening in 2018?

  New privacy regulations GDPR comes into play next May 2018: GDPR will bring about some changes (in the right direction) by making people and businesses aware of what data privacy means, and what they should be doing to protect their customers’ privacy. With these new regulations, data privacy awareness is reaching a critical milestone this year.

  How can I protect my privacy?

  Here are a few tips to protect your privacy:

  • Educate yourself on the importance of privacy: the more informed you are the better.
  • Use open source solutions where you can keep full control of your own data (such as NextCloud instead of Dropbox and of course Matomo instead of Google Analytics),
  • Experiment with different online services to protect your data privacy, for example using an alternative search engine (such as DuckDuckGo instead of Google) or an alternative email provider (such as ProtonMail).

  What’s coming next for Matomo and Privacy?

  Here at Matomo, we are building the leading decentralised open web analytics platform. We’re currently working on new sets of privacy features to make compliance with GDPR a breeze. Stay tuned here to be notified when we launch the new privacy compliance tools!

  And in case you’ve missed this important info, you may be interested in:

  • Configure Privacy Settings in Matomo
  • 11 ways Matomo Analytics helps you to protect your visitors privacy

   

  The post It’s January 28th: Let’s celebrate Data Privacy! appeared first on Analytics Platform - Matomo.

• 5 questions you should ask yourself before defining a custom alert in Matomo

  24 janvier 2018, par InnoCraft

  In Matomo, you can create Custom Alerts to automatically be notified of important changes on your website or app. They are a great way to save time, but they also spam your mailbox quickly. Defining good custom alerts takes therefore time and requires some preparations. Here are recommendations on what you should focus on to only get the right alerts at the right time.

  There are several questions you should ask yourself before you define a custom alert:

  1. Do you really want to be alerted? If the answer is no, then do not use this feature.
  2. What is the level of this alert? Not important, interesting, highly critical… if it is not highly critical, do not define an alert for this. Probably the emailing report or custom reports feature will be a better fit.
  3. How would you like to be alerted? SMS, email, sound, homing pigeon (unfortunately we do not support this feature at that time). If you are looking at your emails once a week, then defining a daily email alert won’t make sense.
  4. How would you like the alert to be named? Give your alert the most explicit name, that’s the first information you will see when you get alerted.
  5. What will be the next step once the alert is triggered? If you cannot find any action once the alert is triggered, then probably an alert doesn’t make sense.

  Once those questions are answered, you can start configuring custom alerts. There are many alerts you can define but as just mentioned, which alerts you should create always depends on your goals and what is critical to you, or your business. Let’s look at some custom alerts that we see quite often.

  No visit

  One of the easiest custom alert to define. You probably want to be alerted if your website did not receive any visit. As this alert is highly critical, you will want to receive an e-mail, even an SMS. This alert will trigger only if the number of visits is below 1 on a daily basis:

  

  Here the action we will take is to have a look at the website in order to see if it is still live. If the site still works, we will look at the tracking code in order to see if the website is still correctly tracked or not.

  Convinced of this custom alert? Let’s look at another example.

  Target achieved

  Let’s say you gave a goal to one of your employee to reach a specific threshold in terms of conversions. You can then define a custom alert in order to inform you when the threshold has been reached.

  You can simply do this with an alert saying “Target achieved by Franck” where number of conversions equals the number of actions you defined with him. It takes you only a minute to define something you would have missed otherwise.

  

  Here the actions we can think of are either to congratulate Franck or to ask him what is going wrong if the target is not achieved.

  Did you know that you can also take advantage of Matomo premium features to define custom alerts? Let’s see one of them.

  Lost SEO ranking

  If you are using the Search Engine Keyword Performance premium feature, there are really interesting combinations you can use to create custom alerts.
  For example, you can be notified when a specific keyword lost or reached a position:

  

  You will be alerted when your website is losing some positions within the search engine results for specific keywords. Here the action we could take is to investigate why we lost a position on Google for this keyword.

  There are many custom alert combinations waiting for you out there. Why not giving them a try? If you have any questions, feel free to ask them on the Matomo forums.

  The post 5 questions you should ask yourself before defining a custom alert in Matomo appeared first on Analytics Platform - Matomo.