Rest assured with our GDPR compliance guarantee.
Our confidence is your peace of mind
Wide Angle Analytics was designed from the ground up to be a privacy-focused, GDPR-compliant, powerful tool for gaining actionable business insights.
Our efforts go beyond technology assurance. We understand that compliance is also transparency, process and proper documentation.
Focus on growing your business, and leave compliance to us
Privacy and data protection laws are constantly changing. Therefore, we make sure to follow recent regulations and ensure we remain aligned with recent changes. We proudly support European GDPR, British PECR and American CCPA.
We are actively scouting other jurisdictions, aiming to cover the most impactful regulations.
Compliance under control
Our team engage with industry experts to ensure our decisions and processes meet the requirements. We work closely with a consultancy that hires former data protection enforcement professionals from agencies like French CNIL.
Future proof your data processing activities
We at Wide Angle Analytics anticipate upcoming rules and gives you tools from day one of their enforcement. We are closely monitoring the progress and discussion about the forthcoming ePrivacy regulation.
Protect the kids and vulnerable
We collect no Personal Information by default and comply with US COPPA rules. Should you collect such information about your adolescent audience, we give you complete transparency on how data is stored, processed and secured.
Web Analytics Today
Frequently Asked Question
Do I need GDPR-compliant web analytics?
If you operate an Internet website with commercial intent, you need a good way to identify and analyse your traffic. The best way to achieve it is with a web analytics solution that can adjust to your compliance and regulatory obligations.
By employing web analytics that can give you peace of mind that you are not exposed to crippling fines, you can focus on the core of your business and provide the best possible service or product.
With Wide Angle Analytics, you can deploy fully compliant, non-identifying web traffic analytics to your general audience and then scale this solution with additional, even Personal Data, for users that gave you explicit consent. Instead of maintaining two different solutions, you benefit from a single platform that can unlock additional insight on the same dashboard.
Disclaimer: information on this website does not constitute a legal advice.What is the GDPR?
The GDPR stands for the General Data Protection Regulation. Because it is a regulation rather than a directive, it is effectively a law in every European Union country. GDPR came into effect in 2018 and replaced the previous privacy directive from 1995. This change is significant because, before GDPR, different countries in the EU had various privacy regulations.
Disclaimer: information on this website does not constitute a legal advice.Whom does the GDPR protect?
The GDPR safeguards the personal and sensitive data of anyone in the EU territory. It is important to note that the GDPR goes beyond protecting EU citizens.
Who is responsible for enforcing the GDPR?
Each European Union country has a data protection authority that interprets and enforces GDPR in the given country. For example, there is Commission Nationale de l’Informatique et des Libertés (CNIL) in France, Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit (BfDI) in Germany, and Datatilsynet in Denmark, etc.
As a citizen or a resident of these countries, you can file complaints against individuals, companies, and institutions violating your GDPR rights with your local data protection authority.
What is the impact of Brexit on the United Kingdoms GDPR compliance?
In the post-Brexit era, the United Kingdom adopted its version of the GDPR, the UK GDPR. Thanks to adopting a regulation compatible with GDPR, the UK has upheld its GDPR adequacy status. Therefore, for all purposes, the UK can be treated as if it were applying the same level of protection as GDPR (see the Privacy and Electronic Communications Regulations for more details). But as the UK is no longer bound by EU law, it can change and amend UK GDPR in the future. Monitoring compliance level in the future is essential.
Disclaimer: information on this website does not constitute a legal advice.What makes web analytics GDPR-compliant?
Compliance with GDPR is a vast and complicated subject. But if we distil it to its core principles, we can attempt to summarise it in the following manner:
- Do not store any personal data without the explicit consent of the user.
- If you store or process data as the Data Processor, document every processing activity and make the process transparent.
- Adhere to the most stringent security standards. The GDPR obligates the data processor to secure its entrusted data.
- Minimise data collection to only what was agreed on and is necessary.
- Collect only essential information if you do not consent and do not attempt to store personal data.
- Document your processes and ensure there is a qualified Data Processing Officer role that can support any requests from data subjects.
- Be extra vigilant with data transfer to Third Countries and ensure additional security measures are adequate.
This list goes beyond providing cookieless web analytics, as you can see.
A GDPR-compliant web analytics provider, such as Wide Angle Analytics. Wide Angle Analytics acts as a responsible Data Processor, documents all the processes, assures data security and resiliency, provides a transparent data retention scheme and offers a redress mechanism in the form of skilled and qualified contact. It avoids transferring data to countries that cannot ensure adequate data safety.
Disclaimer: information on this website does not constitute a legal advice.What is the CCPA?
The CCPA refers to the California Consumer Privacy Act, which was enacted at the beginning of 2020. This law applies to every business that processes the personal data of California residents. The CCPA covers personal data such as name, address, email address, social security number, geolocation data, fingerprints, browsing history and record purchased goods.
The CCPA is a unique privacy protection law that does not apply to all states. However, with the dominant nature of the tech industry, which operates mainly from the state of California, it is often referred to as de facto US privacy regulation.
Disclaimer: information on this website does not constitute a legal advice.What is the main difference between the CCPA and the GDPR?
There are many differences between the GDPR and the CCPA, but if we were to distil these into essentials, these would be:
- CCPA applies to businesses only, whereas GDPR applies to everyone processing the personal data of EU residents. Moreover, the threshold for a company to be under CCPA is relatively high: annual revenue above $25 million, processing more than 50k residents' data, or at least 50% of revenue is generated from selling the personal information of the California residents.
- Another significant difference is the approach to opt-in and opt-out. The GDPR requires explicit opt-in for anyone to process the personal data of the people it protects. Meanwhile, CCPA forces the creation of a mechanism to opt out.
The GDPR is a much more far-reaching regulation than the CCPA.
Disclaimer: information on this website does not constitute a legal advice.What is the PECR?
The PECR stands for Privacy and Electronic Communications Regulations. This UK regulation accompanies the Data Protection Act and the UK GDPR. The PECR regulates such things as marketing emails, calls, and texts. The PECR has its origin back in 2003 and has been amended since then. It is important to note that while there is significant overlap with UK GDPR, satisfying one does not automatically comply with the other.
Disclaimer: information on this website does not constitute a legal advice.What is the main difference between the PECR and the GDPR?
The key difference between the PECR and the UK GDPR is that PECR applies even if you are not processing personal data. This means that many of the PECR rules apply even if the person or individual cannot be uniquely identified.
Disclaimer: information on this website does not constitute a legal advice.Why does compliance with privacy regulations matter?
Before the GDPR and the CCPA, many privacy rules were applied in the form of directives or were otherwise missing. That meant it was simple for technology vendors to acquire, gather, or even buy and send users' data and void broader scrutiny. The rules governing personal processing data were fragmented across jurisdictions, and with the explosive growth of the Internet, numerous protections in place proved not on par with technological progress.
The GDPR in Europe and the CCPA in the US changed everything. While enforcement is delegated to state-based authorities, the rules are standard. And more importantly, these rules permeate across borders much more straightforwardly.
Failure to adhere to these regulations can result in huge fines and risk tarnishing a business's reputation.
What is COPPA?
The Children's Online Privacy Protection Rule, COPPA, is the US data protection rule that aims to protect kids' data.
What are COPPA requirements?
The COPPA rules apply differently to websites, depending on whether they target children under 13 years old. Whether the website targets kids and aims at those under 13 years old can be ambiguous.
But to generalize, the rules are:
- Provide a clear and comprehensive privacy policy.
- Make an effort to notify parents of Personal Information collection and about changes to such a collection.
- Obtain parental consent to collect Personal Information.
- Provide means for parental review of collected Personal Information.
- Protect the confidentiality and security of collected Personal Information.
- Retain collected data only as long as necessary to fulfil the purpose these were collected.
How does Wide Angle Analytics comply with COPPA?
Wide Angle Analytics does not store any Personal Information by default. Hence, even without consent, no PI of minors are being collected.
Furthermore, should you gather consent and store Personal Information as part of your tracking events, we provide you with full documentation about security and data governance. The data is transmitted and stored encrypted.
No data collected is shared with third parties and can data be deleted on request.
Disclaimer: information on this website does not constitute a legal advice.