Is consent exemption possible with an Ecommerce website?


Matomo has contradictory opinions on the subject.

  • Either they say : “ If you use features such as Ecommerce tracking or User ID then you will likely need to ask for consent when these features are used. That’s because Ecommerce Order ID can be tied back to the customer, and User ID is often personal data/PII (even when replaced with a pseudonym).”.

  • Or they say : “If you prefer not to track personal data in Matomo, you may enable “Anonymize Order ID” to avoid storing the Ecommerce Order ID number. Because an Order ID can be cross-referenced with another system, typically an eCommerce shop, the Order ID may count as personal information under the GDPR.
    In Administration > Privacy > Anonymize data page in Matomo, click “Anonymize Order ID” and then click Save. When you enable this option, an Order ID will be automatically anonymized so no personal information will be tracked.”

Cnil recommandations say it is not possible to have an ecommerce website without consent.

So… is it possible to avoid consent with Ecommerce tracking and anonymised order ID or not ?