Google Analytics 4 has a lot of settings you can configure in the tool itself and when collecting the data. On this page we will try to keep you up-to-date about all these features and how you can customize them to configure Google Analytics 4 in the “Most Privacy Preserving Way”.
Configure Google Analytics 4 in the “Most Privacy Preserving Way”
(Latest update: March 22nd 2022)
Although it’s not a Google Analytics setting by itself, it is important that you connect your consent management platform (“cookie banner”) to your tag management solution and your analytics configuration. If somebody decides to opt-out, your configuration should actually respect that choice.
There are many ways to configure this. If you are using Google Tag Manager, then a low-cost option to explore could be CookieBot. They have a guide outlining integration with Google Tag Manager which you can find here.
Deciding how to exactly implement this on a detailed level is something your company should evaluate with legal counsel. However, building the infrastructure and ability will be required to move forward, regardless of what option you choose.
On the highest level in your Google Analytics 4 admin settings, you can disable the “Data sharing settings” under the “Account settings”.
This is where you can activate or deactivate Google Analytics Advertising Features.
If you want to play it safe, simply never click “Enable Google signals data collection”. To be safe, disable Ads Personalisation in all regions.
Data Retention is a tricky one. From a usability point of view, you want as much data as possible in your analytics tool because it makes it more usable. 2 Months of data will only let you compare today with 60 days ago, which is very limited.
One thing that you could do, is configure the Google BigQuery export to export all GA4 data into your own Google Cloud Platform account (where you are the full owner and there is no data processing by Google Analytics happening anymore.) This would require you to do any analysis on data spanning more than 2 months outside of Google Analytics.
We recommend our client to go with the 14 months option and specify that in their privacy policy. But going forward, the 2-month + BigQuery route might become more popular.
One of the interesting features of Google Analytics is that it deeply integrates with other Google Products. Although this is extremely powerful and convenient, it does create some challenges when looking at it from a privacy perspective.
If you want to play it safe, only the BigQuery export (as long as you mention in your privacy policy that you have Google Cloud Platform as a data processor) and the Google Search Console (organic search data, not on user level) can be integrated without changing how we classify Google Analytics.
Once you enable the advertising integrations, the data sharing settings we disabled in earlier settings will get enabled and we’re turning Google Analytics into an advertising tool.
Within Google Tag Manager you can also take several steps to optimize for privacy.
There are 2 fields to set when firing the Google Analytics 4 script which determine how Google Analytics processes the data. They correspond with what you’ve configured earlier on in this post under the Data Collection Settings.
The settings are documented here.
Set “allow_google_signals” and “allow_ad_personalization_signals” to “false” to ensure that what we’ve just configured in Google Analytics is also integrated with the data we send towards Google Analytics. (An added benefit is that it’s auditable from the outside by anybody evaluating your setup.)
Please note: anonymize IP and ForceSSL used to be used in Universal Analytics but are default settings for Google Analytics 4.
This step takes a lot more work but does open up way more possibilities to configure Google Analytics to your exact needs. By running Server-Side Google Tag Manager on your own Google Cloud Platform instance, you now own the data collection endpoint.
If you want to learn more on this topic, please read our blogpost on why Server-Side GTM is essential to preserve Privacy and read Simo Ahava’s extensive guide to setting up Server-Side GTM.