I only need to track the number of visits to specific page names within a subdirectory. The subdirectory is password-protected because the entire site project is (I’m using Webflow). At the same time, I need the data to comply with various laws like GDPR (I’m in Sweden, and my target audience is also in Sweden). However, I should mention that being able to identify whether the page visits are from unique users and real people would be great! How can I achieve this?
The most important thing to remember is to respect your visitors’ decisions and to notify them about data you’re collecting
Could you elaborate on how do you understand “unique users and real people”? By default, Piwik PRO flters out traffic from the most common bots and crawlers, but you might come across some that are still being tracked. If that happens, you can intentionally exclude these bots and crawlers.
Thanks for your quick response and for sharing the guide. I realized I may not have been clear and wanted to provide a bit more context.
I’m going to partner with various companies who will list their products on my platform. Each time someone clicks through to be redirected to their website, the company will need to pay a small fee.
I’ve figured out how to track the number of clicks through the password-protected subdirectory. However, since I need to track every click to ensure I don’t lose revenue, the data must remain completely anonymous, to avoid needing to ask for consent and still be GDPR compliant. As the guide mentions, “Anonymous data is exempt from GDPR unless it can be re-identified.”
At the same time, I want my partners to feel secure and ensure the clicks aren’t bots or the same person repeatedly clicking, so they only pay for unique users. Is there a way to balance both the need for GDPR compliance and verifying unique users?
Sorry for the confusion, and thanks again for your help!
If you anonymize every visitor (and use a 30 minute cookie and/or session hash), then you are able to identify their clicks within one session. So if they are repeatedly clicking in a short period of time, you will be able to catch this.
But in this case you won’t be able to recognize visitors when they come back, so every session will be a new visitor, and you won’t be able to identify if the same person came back and clicked on the same thing.
So I can still be GDPR compliant even without asking for consent if I have the following settings (and check for repeated clicks within a short period)?