Data deletion and GDPR


#1

In order to be compliant with the GDPR, do I have to delete raw data only or archived data also?

What information do raw data hold that archived data do not and it is important to delete one and not both?


(Fabian Dellwing) #2

You do not need to delete data if you:

a) Do not use the visitor id feature (or any other dimension that allows you to identify a specific user)
and
b) Anonymize at least the 2 last byte of the saved IP addresses


#3
  1. Do both of these requirements have to be met, or either one of them?

  2. We use the visitor id feature. Is there an option to disable it from default? I am not sure yet if we need it or no.

  3. If we keep using it, then just deleting the raw data would still meet the GDPR rules?


(Fabian Dellwing) #4
  1. Both would be need to be met.
  2. No one is using this feature by default. By default, Matomo chooses a visitor id for you. Only if you overwrite this id yourself, with information from your application, it will be personal data. (User ID User Guide - Analytics Platform - Matomo)
  3. I can not give legal advice on that topic.

(Lukas Winkler) #5

BTW: The only one who can give you answers you can rely on is your data privacy lawyer.


#6

Yes, I understand this. I just wanted to know if there is a general guideline and also what personal data is lost in deleting raw data vs deleting archived data. For example in the GDPR overview it is said:

Data retention for data stored in Matomo:

  • all visits and actions raw data are deleted after 12 months 5 days .
  • aggregated reports are never deleted.

The overall data retention rate for your privacy policy is the raw data retention rate. Please note that aggregated reports may contain personal data as well. If you are using features like User ID, Custom Variables, Custom Dimension, or track personal data in other ways such as events, page URLs or page titles, etc, then the overall data retention rate for your privacy policy is the higher of the two.