Recherche avancée

Sur d’autres sites (4165)

• A Guide to GDPR Sensitive Personal Data

  13 mai 2024, par Erin

  The General Data Protection Regulation (GDPR) is one of the world’s most stringent data protection laws. It provides a legal framework for collection and processing of the personal data of EU individuals.

  The GDPR distinguishes between “special categories of personal data” (also referred to as “sensitive”) and other personal data and imposes stricter requirements on collection and processing of sensitive data. Understanding these differences will help your company comply with the requirements and avoid heavy penalties.

  In this article, we’ll explain what personal data is considered “sensitive” according to the GDPR. We’ll also examine how a web analytics solution like Matomo can help you maintain compliance.

  What is sensitive personal data ?

  The following categories of data are treated as sensitive :

  1. 1. Personal data revealing :
        • Racial or ethnic origin ;
        • Political opinions ;
        • Religious or philosophical beliefs ;
        • Trade union membership ;
     2. Genetic and biometric data ;
     3. Data concerning a person’s :
        • Health ; or
        • Sex life or sexual orientation.

  

  Sensitive vs. non-sensitive personal data : What’s the difference ?

  While both categories include information about an individual, sensitive data is seen as more private, or requiring a greater protection. 

  Sensitive data often carries a higher degree of risk and harm to the data subject, if the data is exposed. For example, a data breach exposing health records could lead to discrimination for the individuals involved. An insurance company could use the information to increase premiums or deny coverage. 

  In contrast, personal data like name or gender is considered less sensitive because it doesn’t carry the same degree of harm as sensitive data. 

  Unauthorised access to someone’s name alone is less likely to harm them or infringe on their fundamental rights and freedoms than an unauthorised access to their health records or biometric data. Note that financial information (e.g. credit card details) does not fall into the special categories of data.

  

  Legality of processing

  Under the GDPR, both sensitive and nonsensitive personal data are protected. However, the rules and conditions for processing sensitive data are more stringent.

  Article 6 deals with processing of non-sensitive data and it states that processing is lawful if one of the six lawful bases for processing applies. 

  In contrast, Art. 9 of the GDPR states that processing of sensitive data is prohibited as a rule, but provides ten exceptions. 

  It is important to note that the lawful bases in Art. 6 are not the same as exceptions in Art. 9. For example, while performance of a contract or legitimate interest of the controller are a lawful basis for processing non-sensitive personal data, they are not included as an exception in Art. 9. What follows is that controllers are not permitted to process sensitive data on the basis of contract or legitimate interest. 

  The exceptions where processing of sensitive personal data is permitted (subject to additional requirements) are : 

  • Explicit consent : The individual has given explicit consent to processing their sensitive personal data for specified purpose(s), except where an EU member state prohibits such consent. See below for more information about explicit consent. 
  • Employment, social security or social protection : Processing sensitive data is necessary to perform tasks under employment, social security or social protection law.
  • Vital interests : Processing sensitive data is necessary to protect the interests of a data subject or if the individual is physically or legally incapable of consenting. 
  • Non-for-profit bodies : Foundations, associations or nonprofits with a political, philosophical, religious or trade union aim may process the sensitive data of their members or those they are in regular contact with, in connection with their purposes (and no disclosure of the data is permitted outside the organisation, without the data subject’s consent).
  • Made public : In some cases, it may be permissible to process the sensitive data of a data subject if the individual has already made it public and accessible. 
  • Legal claims : Processing sensitive data is necessary to establish, exercise or defend legal claims, including legal or in court proceedings.
  • Public interest : Processing is necessary for reasons of substantial public interest, like preventing unlawful acts or protecting the public.
  • Health or social care : Processing special category data is necessary for : preventative or occupational medicine, providing health and social care, medical diagnosis or managing healthcare systems.
  • Public health : It is permissible to process sensitive data for public health reasons, like protecting against cross-border threats to health or ensuring the safety of medicinal products or medical devices. 
  • Archiving, research and statistics : You may process sensitive data if it’s done for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes.

  In addition, you must adhere to all data handling requirements set by the GDPR.

  Important : Note that for any data sent that you are processing, you always need to identify a lawful basis under Art. 6. In addition, if the data sent contains sensitive data, you must comply with Art. 9.

  Explicit consent

  While consent is a valid lawful basis for processing non-sensitive personal data, controllers are permitted to process sensitive data only with an “explicit consent” of the data subject.

  The GDPR does not define “explicit” consent, but it is accepted that it must meet all Art. 7 conditions for consent, at a higher threshold. To be “explicit” a consent requires a clear statement (oral or written) of the data subject. Consent inferred from the data subject’s actions does not meet the threshold. 

  The controller must retain records of the explicit consent and provide appropriate consent withdrawal method to allow the data subject to exercise their rights.

  Examples of compliant and non-compliant sensitive data processing

  Here are examples of when you can and can’t process sensitive data :

  • When you can process sensitive data : A doctor logs sensitive data about a patient, including their name, symptoms and medicine prescribed. The hospital can process this data to provide appropriate medical care to their patients. An IoT device and software manufacturer processes their customers’ health data based on explicit consent of each customer. 
  • When you can’t process sensitive data : One example is when you don’t have explicit consent from a data subject. Another is when there’s no lawful basis for processing it or you are collecting personal data you simply do not need. For example, you don’t need your customer’s ethnic origin to fulfil an online order.

  Other implications of processing sensitive data

  If you process sensitive data, especially on a large scale, GDPR imposes additional requirements, such as having Data Privacy Impact Assessments, appointing Data Protection Officers and EU Representatives, if you are a controller based outside the EU.

  Penalties for GDPR non-compliance

  Mishandling sensitive data (or processing it when you’re not allowed to) can result in huge penalties. There are two tiers of GDPR fines :

  • €10 million or 2% of a company’s annual revenue for less severe infringements
  • €20 million or 4% of a company’s annual revenue for more severe infringements

  In the first half of 2023 alone, fines imposed in the EU due to GDPR violations exceeded €1.6 billion, up from €73 million in 2019.

  Examples of high-profile violations in the last few years include :

  • Amazon : The Luxembourg National Commission fined the retail giant with a massive $887 million fine in 2021 for not processing personal data per the GDPR. 
  • Google : The National Data Protection Commission (CNIL) fined Google €50 million for not getting proper consent to display personalised ads.
  • H&M : The Hamburg Commissioner for Data Protection and Freedom of Information hit the multinational clothing company with a €35.3 million fine in 2020 for unlawfully gathering and storing employees’ data in its service centre.

  One of the criteria that affects the severity of a fine is “data category” — the type of personal data being processed. Companies need to take extra precautions with sensitive data, or they risk receiving more severe penalties.

  What’s more, GDPR violations can negatively affect your brand’s reputation and cause you to lose business opportunities from consumers concerned about your data practices. 76% of consumers indicated they wouldn’t buy from companies they don’t trust with their personal data.

  Organisations should lay out their data practices in simple terms and make this information easily accessible so customers know how their data is being handled.

  Get started with GDPR-compliant web analytics

  The GDPR offers a framework for securing and protecting personal data. But it also distinguishes between sensitive and non-sensitive data. Understanding these differences and applying the lawful basis for processing this data type will help ensure compliance.

  Looking for a GDPR-compliant web analytics solution ?

  At Matomo, we take data privacy seriously. 

  Our platform ensures 100% data ownership, putting you in complete control of your data. Unlike other web analytics solutions, your data remains solely yours and isn’t sold or auctioned off to advertisers. 

  Additionally, with Matomo, you can be confident in the accuracy of the insights you receive, as we provide reliable, unsampled data.

  Matomo also fully complies with GDPR and other data privacy laws like CCPA, LGPD and more.

  Start your 21-day free trial today ; no credit card required. 

  Disclaimer

  We are not lawyers and don’t claim to be. The information provided here is to help give an introduction to GDPR. We encourage every business and website to take data privacy seriously and discuss these issues with your lawyer if you have any concerns.

  Try Matomo for Free

  21 day free trial. No credit card required.

  
  

  Your email address
  

  Your website address
  

  Your Analytics subdomain will be .matomo.cloud (change)

  Choose your analytics subdomain
  

  .matomo.cloud

  I accept the terms and conditions and data processing agreement (DPA)

  
  Your information will be used to create an account on our cloud service. For more information please consult our privacy policy.
  
  
  

  Start improving your websites now

  

• Attribution Tracking (What It Is and How It Works)

  23 février 2024, par Erin

  Facebook, TikTok, Google, email, display ads — which one is best to grow your business ? There’s one proven way to figure it out : attribution tracking.

  Marketing attribution allows you to see which channels are producing the best results for your marketing campaigns.

  In this guide, we’ll show you what attribution tracking is, why it’s important and how you can leverage it to accelerate your marketing success.

  What is attribution tracking ?

  By 2026, the global digital marketing industry is projected to reach $786.2 billion.

  With nearly three-quarters of a trillion U.S. dollars being poured into digital marketing every year, there’s no doubt it dominates traditional marketing.

  The question is, though, how do you know which digital channels to use ?

  By measuring your marketing efforts with attribution tracking.

  

  So, what is attribution tracking ?

  Attribution tracking is where you use software to keep track of different channels and campaign efforts to determine which channel you should attribute conversion to.

  In other words, you can (and should) use attribution tracking to analyse which channels are pushing the needle and which ones aren’t.

  By tracking your marketing efforts, you’ll be able to accurately measure the scale of impact each of your channels, campaigns and touchpoints have on a customer’s purchasing decision.

  If you don’t track your attribution, you’ll end up blindly pouring time, money, and effort into activities that may or may not be helpful.

  Attribution tracking simply gives you insight into what you’re doing right as a marketer — and what you’re doing wrong.

  By understanding which efforts and channels are driving conversions and revenue, you’ll be able to properly allocate resources toward winning channels to double down on growth.

  Matomo lets you track attribution across various channels. Whether you’re looking to track your conversions through organic, referral websites, campaigns, direct traffic, or social media, you can see all your conversions in one place.

  Try Matomo for Free

  Get the web insights you need, without compromising data accuracy.

  Start for free

  No credit card required

  Why attribution tracking is important

  Attribution tracking is crucial to succeed with your marketing since it shows you your most valuable channels.

  It takes the guesswork out of your efforts.

  You don’t need to scratch your head wondering what made your campaigns a success (or a failure).

  While most tools show you last click attribution by default, using attribution tracking, or marketing attribution, you can track revenue and conversions for each touchpoint.

  For example, a Facebook ad might have no led to a conversion immediately. But, maybe the visitor returned to your website two weeks later through your email campaign. Attribution tracking will give credit over longer periods of time to see the bigger picture of how your marketing channels are impacting your overall performance.

  Here are five reasons you need to be using attribution tracking in your business today :

  

  1. Measure channel performance

  The most obvious way attribution tracking helps is to show you how well each channel performs.

  When you’re using a variety of marketing channels to reach your audience, you have to know what’s actually doing well (and what’s not).

  This means having clarity on the performance of your :

  • Emails
  • Google Ads
  • Facebook Ads
  • Social media marketing
  • Search engine optimisation (SEO)
  • And more

  Attribution tracking allows you to measure each channel’s ROI and identify how much each channel impacted your campaigns.

  It gives you a more accurate picture of the performance of each channel and each campaign.

  With it, you can easily break down your channels by how much they drove sales, conversions, signups, or other actions.

  With this information, you can then understand where to further allocate your resources to fuel growth.

  2. See campaign performance over longer periods of time

  When you start tracking your channel performance with attribution tracking, you’ll gain new insights into how well your channels and campaigns are performing.

  The best part — you don’t just get to see recent performance.

  You get to track your campaign results over weeks or months.

  For example, if someone found you through Google by searching a question that your blog had an answer to, but they didn’t convert, your traditional tracking strategy would discount SEO.

  But, if that same person clicked a TikTok ad you placed three weeks later, came back, and converted — SEO would receive some attribution on the conversion.

  Using an attribution tracking tool like Matomo can help paint a holistic view of how your marketing is really doing from channel to channel over the long run.

  Try Matomo for Free

  Get the web insights you need, without compromising data accuracy.

  Start for free

  No credit card required

  3. Increase revenue

  Attribution tracking has one incredible benefit for marketers : optimised marketing spend.

  When you begin looking at how well your campaigns and your channels are performing, you’ll start to see what’s working.

  Attribution tracking gives you clarity into the performance of campaigns since it’s not just looking at the first time someone clicks through to your site. It’s looking at every touchpoint a customer made along the way to a conversion.

  By understanding what channels are most effective, you can pour more resources like time, money and labour into those effective channels.

  By doubling down on the winning channels, you’ll be able to grow like never before.

  Rather than trying to “diversify” your marketing efforts, lean into what’s working.

  This is one of the key strategies of an effective marketer to maximise your campaign returns and experience long-term success in terms of revenue.

  4. Improve profit margins

  The final benefit to attribution tracking is simple : you’ll earn more profit.

  Think about it this way : let’s say you’re putting 50% of your marketing spend into Facebook ads and 50% of your spend into email marketing.

  You do this for one year, allocating $500,000 to Facebook and $500,000 to email.

  Then, you start tracking attribution.

  You find that your Facebook ads are generating $900,000 in revenue. 

  That’s a 1,800% return on your investment.

  Not bad, right ?

  Well, after tracking your attribution, you see what your email revenue is.

  In the past year, you generated $1.7 million in email revenue.

  That’s a 3,400% return on your investment (close to the average return of email marketing across all industries).

  In this scenario, you can see that you’re getting nearly twice as much of a return on your marketing spend with email.

  So, the following year, you decide to go for a 75/25 split.

  Instead of putting $500,000 into both email and Facebook ads and email, you put $750,000 into email and $250,000 into Facebook ads.

  You’re still diversifying, but you’re doubling down on what’s working best.

  The result is that you’ll be able to get more revenue by investing the same amount of money, leaving you with higher profit margins.

  Different types of marketing attribution tracking

  There are several types of attribution tracking models in marketing.

  Depending on your goals, your business and your preferred method, there are a variety of types of attribution tracking you can use.

  Here are the six main types of attribution tracking :

  

  1. Last interaction

  Last interaction attribution model is also called “last touch.”

  It’s one of the most common types of attribution. The way it works is to give 100% of the credit to the final channel a customer interacted with before they converted into a customer.

  This could be through a paid ad, direct traffic, or organic search.

  One potential drawback of last interaction is that it doesn’t factor in other channels that may have assisted in the conversion. However, this model can work really well depending on the business.

  2. First interaction

  This is the opposite of the previous model.

  First interaction, or “first touch,” is all about the first interaction a customer has with your brand.

  It gives 100% of the credit to the channel (i.e. a link clicked from a social media post). And it doesn’t report or attribute anything else to another channel that someone may have interacted with in your marketing mix.

  For example, it won’t attribute the conversion or revenue if the visitor then clicked on an Instagram ad and converted. All credit would be given to the first touch which in this case would be the social media post. 

  The first interaction is a good model to use at the top of your funnel to help establish which channels are bringing leads in from outside your audience.

  3. Last non-direct

  Another model is called the last non-direct attribution model. 

  This model seeks to exclude direct traffic and assigns 100% credit for a conversion to the final channel a customer interacted with before becoming a customer, excluding clicks from direct traffic.

  For instance, if someone first comes to your website from an emai campaignl, and then, a week later, directly visits and buys a product, the email campaign gets all the credit for the sale.

  This attribution model tells a bit more about the whole sales process, shedding some more light on what other channels may have influenced the purchase decision.

  4. Linear

  Another common attribution model is linear.

  This model distributes completely equal credit across every single touchpoint (that’s tracked). 

  Imagine someone comes to your website in different ways : first, they find it through a Google search, then they click a link in an email from your campaign the next day, followed by visiting from a Facebook post a few days later, and finally, a week later, they come from a TikTok ad. 

  Here’s how the attribution is divided among these sources :

  • 25% Organic
  • 25% Email
  • 25% Facebook
  • 25% TikTok ad

  This attirubtion model provides a balanced perspective on the contribution of various sources to a user’s journey on your website.

  5. Position-based

  Position-based attribution is when you give 40% credit to both the first and last touchpoints and 20% credit is spread between the touchpoints in between.

  This model is preferred if you want to identify the initial touchpoint that kickstarted a conversion journey and the final touchpoint that sealed the deal.

  The downside is that you don’t gain much insight into the middle of the customer journey, which can make it hard to make effective decisions.

  For example, someone may have been interacting with your email newsletter for seven weeks, which allowed them to be nurtured and build a relationship with you.

  But that relationship and trust-building effort will be overlooked by the blog post that brought them in and the social media ad that eventually converted them.

  6. Time decay

  The final attribution model is called time decay attribution.

  This is all about giving credit based on the timing of the interactions someone had with your brand.

  For example, the touchpoints that just preceded the sale get the highest score, while the first touchpoints get the lowest score.

  For example, let’s use that scenario from above with the linear model :

  • 25% SEO
  • 25% Email
  • 25% Facebook ad
  • 25% Organic TikTok

  But, instead of splitting credit by 25% to each channel, you weigh the ones closer to the sale with more credit.

  Instead, time decay may look at these same channels like this :

  • 5% SEO (6 weeks ago)
  • 20% Email (3 weeks ago)
  • 30% Facebook ad (1 week ago)
  • 45% Organic TikTok (2 days ago)

  One downside is that it underestimates brand awareness campaigns. And, if you have longer sales cycles, it also isn’t the most accurate, as mid-stage nurturing and relationship building are underlooked. 

  Leverage Matomo : A marketing attribution tool

  Attribution tracking is a crucial part of leading an effective marketing strategy.

  But it’s impossible to do this without the right tools.

  A marketing attribution tool can give you insights into your best-performing channels automatically. 

  

  One of the best marketing attribution tools available is Matomo, a web analytics tool that helps you understand what’s going on with your website and different channels in one easy-to-use dashboard.

  With Matomo, you get marketing attribution as a plug-in or within Matomo On-Premise or for free in Matomo Cloud.

  The best part is it’s all done with crystal-clear data. Matomo gives you 100% accurate data since it doesn’t use data sampling on any plans like Google Analytics.

  To start tracking attribution today, try Matomo’s 21-day free trial. No credit card required.

  Try Matomo for Free

  21 day free trial. No credit card required.

  
  

  Your email address
  

  Your website address
  

  Your Analytics subdomain will be .matomo.cloud (change)

  Choose your analytics subdomain
  

  .matomo.cloud

  I accept the terms and conditions and data processing agreement (DPA)

  
  Your information will be used to create an account on our cloud service. For more information please consult our privacy policy.
  
  
  

  Start improving your websites now

  

• Overcoming Fintech and Finserv’s Biggest Data Analytics Challenges

  13 septembre 2024, par Daniel Crough — Banking and Financial Services, Marketing, Security

  Data powers innovation in financial technology (fintech), from personalized banking services to advanced fraud detection systems. Industry leaders recognize the value of strong security measures and customer privacy. A recent survey highlights this focus, with 72% of finance Chief Risk Officers identifying cybersecurity as their primary concern.

  Beyond cybersecurity, fintech and financial services (finserv) companies are bogged down with massive amounts of data spread throughout disconnected systems. Between this, a complex regulatory landscape and an increasingly tech-savvy and sceptical consumer base, fintech and finserv companies have a lot on their plates.

  How can marketing teams get the information they need while staying focused on compliance and providing customer value ? 

  This article will examine strategies to address common challenges in the finserv and fintech industries. We’ll focus on using appropriate tools, following effective data management practices, and learning from traditional banks’ approaches to similar issues.

  What are the biggest fintech data analytics challenges, and how do they intersect with traditional banking ?

  Recent years have been tough for the fintech industry, especially after the pandemic. This period has brought new hurdles in data analysis and made existing ones more complex. As the market stabilises, both fintech and finserve companies must tackle these evolving data issues.

  Let’s examine some of the most significant data analytics challenges facing the fintech industry, starting with an issue that’s prevalent across the financial sector :

  1. Battling data silos

  In a recent survey by InterSystems, 54% of financial institution leaders said data silos are their biggest barrier to innovation, while 62% said removing silos is their priority data strategy for the next year.

  

  Data silos segregate data repositories across departments, products and other divisions. This is a major issue in traditional banking and something fintech companies should avoid inheriting at all costs.

  Siloed data makes it harder for decision-makers to view business performance with 360-degree clarity. It’s also expensive to maintain and operationalise and can evolve into privacy and data compliance issues if left unchecked.

  To avoid or remove data silos, develop a data governance framework and centralise your data repositories. Next, simplify your analytics stack into as few integrated tools as possible because complex tech stacks are one of the leading causes of data silos.

  Use an analytics system like Matomo that incorporates web analytics, marketing attribution and CRO testing into one toolkit.

  

  Matomo’s support plans help you implement a data system to meet the unique needs of your business and avoid issues like data silos. We also offer data warehouse exporting as a feature to bring all of your web analytics, customer data, support data, etc., into one centralised location.

  Try Matomo for free today, or contact our sales team to discuss support plans.

  2. Compliance with laws and regulations

  A survey by Alloy reveals that 93% of fintech companies find it difficult to meet compliance regulations. The cost of staying compliant tops their list of worries (23%), outranking even the financial hit from fraud (21%) – and this in a year marked by cyber threats.

  

  Data privacy laws are constantly changing, and the landscape varies across global regions, making adherence even more challenging for fintechs and traditional banks operating in multiple markets. 

  In the US market, companies grapple with regulations at both federal and state levels. Here are some of the state-level legislation coming into effect for 2024-2026 :

  • Oregon – Oregon Consumer Privacy Act (July 1, 2024)
  • Florida – Florida Digital Bill of Rights (July 1, 2024)
  • Texas – Texas Data Privacy and Security Act (July 1, 2024)
  • Montana – Montana Consumer Data Privacy Act (October 1, 2024)
  • Delaware – Delaware Personal Privacy Act (January 1, 2025)
  • Iowa – Iowa Consumer Data Protection Act (January 1, 2025)
  • New Jersey – SB 332 (January 15, 2025)
  • Tennessee – Tennessee Information Protection Act (July 1, 2025)
  • Indiana – Indiana Consumer Data Protection Act ( January 1, 2026)

  Other countries are also ramping up regional regulations. For instance, Canada has Quebec’s Act Respecting the Protection of Personal Information in the Private Sector and British Columbia’s Personal Information Protection Act (BC PIPA).

  Ignorance of country- or region-specific laws will not stop companies from suffering the consequences of violating them.

  The only answer is to invest in adherence and manage business growth accordingly. Ultimately, compliance is more affordable than non-compliance – not only in terms of the potential fines but also the potential risks to reputation, consumer trust and customer loyalty.

  This is an expensive lesson that fintech and traditional financial companies have had to learn together. GDPR regulators hit CaixaBank S.A, one of Spain’s largest banks, with multiple multi-million Euro fines, and Klarna Bank AB, a popular Swedish fintech company, for €720,000.

  To avoid similar fates, companies should :

  1. Build solid data systems
  2. Hire compliance experts
  3. Train their teams thoroughly
  4. Choose data analytics tools carefully

  Remember, even popular tools like Google Analytics aren’t automatically safe. Find out how Matomo helps you gather useful insights while sticking to rules like GDPR.

  3. Protecting against data security threats

  Cyber threats are increasing in volume and sophistication, with the financial sector becoming the most breached in 2023.

  

  The cybersecurity risks will only worsen, with WEF estimating annual cybercrime expenses of up to USD $10.5 trillion globally by 2025, up from USD $3 trillion in 2015.

  While technology brings new security solutions, it also amplifies existing risks and creates new ones. A 2024 McKinsey report warns that the risk of data breaches will continue to increase as the financial industry increasingly relies on third-party data tools and cloud computing services unless they simultaneously improve their security posture.

  The reality is that adopting a third-party data system without taking the proper precautions means adopting its security vulnerabilities.

  In 2023, the MOVEit data breach affected companies worldwide, including financial institutions using its file transfer system. One hack created a global data crisis, potentially affecting the customer data of every company using this one software product.

  The McKinsey report emphasises choosing tools wisely. Why ? Because when customer data is compromised, it’s your company that takes the heat, not the tool provider. As the report states :

  “Companies need reliable, insightful metrics and reporting (such as security compliance, risk metrics and vulnerability tracking) to prove to regulators the health of their security capabilities and to manage those capabilities.”

  Don’t put user or customer data in the hands of companies you can’t trust. Work with providers that care about security as much as you do. With Matomo, you own all of your data, ensuring it’s never used for unknown purposes.

  

  4. Protecting users’ privacy

  With security threats increasing, fintech companies and traditional banks must prioritise user privacy protection. Users are also increasingly aware of privacy threats and ready to walk away from companies that lose their trust.

  Cisco’s 2023 Data Privacy Benchmark Study reveals some eye-opening statistics :

  • 94% of companies said their customers wouldn’t buy from them if their data wasn’t protected, and 
  • 95% see privacy as a business necessity, not just a legal requirement.

  Modern financial companies must balance data collection and management with increasing privacy demands. This may sound contradictory for companies reliant on dated practices like third-party cookies, but they need to learn to thrive in a cookieless web as customers move to banks and service providers that have strong data ethics.

  This privacy protection journey starts with implementing web analytics ethically from the very first session.

  

  The most important elements of ethically-sound web analytics in fintech are :

  1. 100% data ownership : Make sure your data isn’t used in other ways by the tools that collect it.
  2. Respecting user privacy : Only collect the data you absolutely need to do your job and avoid personally identifiable information.
  3. Regulatory compliance : Stick with solutions built for compliance to stay out of legal trouble.
  4. Data transparency : Know how your tools use your data and let your customers know how you use it.

  Read our guide to ethical web analytics for more information.

  5. Comparing customer trust across industries 

  While fintech companies are making waves in the financial world, they’re still playing catch-up when it comes to earning customer trust. According to RFI Global, fintech has a consumer trust score of 5.8/10 in 2024, while traditional banking scores 7.6/10.

  

  This trust gap isn’t just about perception – it’s rooted in real issues :

  • Security breaches are making headlines more often.
  • Privacy regulations like GDPR are making consumers more aware of their rights.
  • Some fintech companies are struggling to handle fraud effectively.

  According to the UK’s Payment Systems Regulator, digital banking brands Monzo and Starling had some of the highest fraudulent activity rates in 2022. Yet, Monzo only reimbursed 6% of customers who reported suspicious transactions, compared to 70% for NatWest and 91% for Nationwide.

  So, what can fintech firms do to close this trust gap ?

  • Start with privacy-centric analytics from day one. This shows customers you value their privacy from the get-go.
  • Build and maintain a long-term reputation free of data leaks and privacy issues. One major breach can undo years of trust-building.
  • Learn from traditional banks when it comes to handling issues like fraudulent transactions, identity theft, and data breaches. Prompt, customer-friendly resolutions go a long way.
  • Remember : cutting-edge financial technology doesn’t make up for poor customer care. If your digital bank won’t refund customers who’ve fallen victim to credit card fraud, they’ll likely switch to a traditional bank that will.

  The fintech sector has made strides in innovation, but there’s still work to do in establishing trustworthiness. By focusing on robust security, transparent practices, and excellent customer service, fintech companies can bridge the trust gap and compete more effectively with traditional banks.

  6. Collecting quality data

  Adhering to data privacy regulations, protecting user data and implementing ethical analytics raises another challenge. How can companies do all of these things and still collect reliable, quality data ?

  Google’s answer is using predictive models, but this replaces real data with calculations and guesswork. The worst part is that Google Analytics doesn’t even let you use all of the data you collect in the first place. Instead, it uses something called data sampling once you pass certain thresholds.

  In practice, this means that Google Analytics uses a limited set of your data to calculate reports. We’ve discussed GA4 data sampling at length before, but there are two key problems for companies here :

  1. A sample size that’s too small won’t give you a full representation of your data.
  2. The more visitors that come to your site, the less accurate your reports will become.

  For high-growth companies, data sampling simply can’t keep up. Financial marketers widely recognise the shortcomings of big tech analytics providers. In fact, 80% of them say they’re concerned about data bias from major providers like Google and Meta affecting valuable insights.

  This is precisely why CRO:NYX Digital approached us after discovering Google Analytics wasn’t providing accurate campaign data. We set up an analytics system to suit the company’s needs and tested it alongside Google Analytics for multiple campaigns. In one instance, Google Analytics failed to register 6,837 users in a single day, approximately 9.8% of the total tracked by Matomo.

  In another instance, Google Analytics only tracked 600 visitors over 24 hours, while Matomo recorded nearly 71,000 visitors – an 11,700% discrepancy.

  

  Financial companies need a more reliable, privacy-centric alternative to Google Analytics that captures quality data without putting users at potential risk. This is why we built Matomo and why our customers love having total control and visibility of their data.

  Unlock the full power of fintech data analytics with Matomo

  Fintech companies face many data-related challenges, so compliant web analytics shouldn’t be one of them. 

  With Matomo, you get :

  • An all-in-one solution that handles traditional web analytics, behavioural analytics and more with strong integrations to minimise the likelihood of data siloing
  • Full compliance with GDPR, CCPA, PIPL and more
  • Complete ownership of your data to minimise cybersecurity risks caused by negligent third parties
  • An abundance of ways to protect customer privacy, like IP address anonymisation and respect for DoNotTrack settings
  • The ability to import data from Google Analytics and distance yourself from big tech
  • High-quality data that doesn’t rely on sampling
  • A tool built with financial analytics in mind

  Don’t let big tech companies limit the power of your data with sketchy privacy policies and counterintuitive systems like data sampling. 

  Start your Matomo free trial or request a demo to unlock the full power of fintech data analytics without putting your customers’ personal information at unnecessary risk.