Whether you’re simply surfing the web or a website owner, learning about website tracking is key to understanding how the web works today.
In this guide, we explain what website tracking is, how it works, and how you can use it in line with data protection legislation.
Website tracking refers to the process of collecting and analyzing data about users’ interactions with a website. For example, businesses can track the pages visited, the duration of the visit, the actions performed on a page, the location of the user, and so on.
Website tracking is widely used. It allows tailoring content to user’s preferences and optimizing a website to drive growth and conversions.
We usually distinguish between first-party and third-party tracking.
Website tracking, when carried out in compliance with data protection laws, is a legitimate practice.
This means that there are requirements you must comply with to track your users. Failure to comply with these requirements can expose you to legal consequences or fines.
We’ll expand on this topic in the paragraph below.
Web tracking uses different types of tracking technology to gather user data on a website and track their behavior.
Let’s take a closer look at these tracking technologies.
Cookies are little text files that a website places on a user’s browser when they visit the site and track the user’s behavior.
In general, cookies collect information about internet habits, prior visits, search history, and so on. With this gathered information, cookies allow websites to remember users and their preferences, allowing sites to customize page content to the user.
Another example of web tracking technology is IP address tracking.
When you visit a website, your IP address is logged together with details about your location, time, and the page you visited. This kind of tracking is used to determine the geographical location of users and recognize visitors from the same network.
Tracking pixels are tiny, 1×1 images embedded in websites or emails.
When you load a page or open an email containing a tracking pixel, it triggers a request to the server, which collects information about your IP address, browser type, or time of access.
Device fingerprinting is a technique that identifies devices based on their unique characteristics.
Websites analyze factors like screen resolution, browser type, operating system, fonts, and plugins to create a fingerprint of your device.
The technologies we described above can be used for different reasons. Examples of online tracking are:
As you can understand, from a business perspective, the benefits of web tracking are many. Web tracking can improve the performance of a website or marketing campaign, resulting in better spending and greater revenue.
On the other hand, from a user’s point of view, web tracking can somehow feel like an invasion of privacy, even though it results in a more personalized web experience.
For this reason, data protection laws regulate the use of website tracking.
If you own a website and are resorting to web tracking, it’s important to know which law applies to you, to comply with the right requirements.
In the European Union, trackers are regulated by both the General Data Protection Regulation (GDPR) and the ePrivacy Directive, also called Cookie Law.
To use trackers in the right way, you must:
Under CCPA, you can process personal data (including through cookies and trackers) without your users’ consent. However, you must provide an easy way to stop behavioral advertising and the sale and sharing of their personal information (opt-out). This is typically done through a “Do Not Sell or Share My Personal Information” link.
The CCPA is only one of the many state privacy laws effective in the US: Virginia, Connecticut, Utah, and Colorado, among others, have also enacted their privacy laws.
When it comes to personal data processing, most of them have similar requirements to the CCPA:
Brazil’s Lei Geral de Proteção de Dados Pessoais mirrors the EU’s GDPR in many ways.
For example, the LGPD also requires explicit consent. In addition, the Brazilian DPA has published its guidelines on cookies and trackers, which mention consent as a necessary condition for the installation of trackers.
If you don’t know where to start in meeting these requirements, getting the right tools can be what you need to do!
Our Privacy Controls and Cookie Solution helps you meet web tracking requirements across multiple legislations.
Create your cookie consent banner to get consent from your users, block cookies from running and keep a cookie preference log, as legally required.
And you can do all this without limiting your performance!
