Anonymize IP active in Google Analytics module?

[30knees]

Hi,

Is Anonymize IP setting activated in the thirty bees module? https://developers.google.com/analytics/devguides/collection/analyticsjs/field-reference#anonymizeIp I think a little option box on/off would be a nice feature.

[lesley]

It is not, I am not understanding the point of that feature, what is the use case?

[dynambee]

Apparently some countries "recommend" this practice and some companies say they keep anonymous user statistics in their privacy policies. Or so Google seems to say.

[lesley]

hmm I don't think the overlap between those companies and e-commerce is that big. They also would not be sharing data with Google in the first place if they valued privacy.

[30knees]

It's best practice in the EU in order to be compliant with data protection law. It'll only get stricter with the GDPR. Would you be able to implement a tickbox to activate/deactivate the function?

Here's some information I quickly found on the legal status: https://www.iubenda.com/blog/privacy-policy-google-analytics-germany/

[lesley]

I am honestly getting tired of germany.. lol

[lesley]

But at the same time, we can put it on the roadmap to add. Germany really makes things a PITA because there are no clear rules or regulations, just a mish mash of what people think they have to do to comply under the law.

[30knees]

It's not just Germany :) They only have the most publicity. The Norwegian authorities had this on their radar in 2012 (?).

But super that it'll go onto the roadmap. Thanks!

[lesley]

This has been added to the latest release, https://store.thirtybees.com/shop-modules/statistics/google-analytics

[30knees]

The back office module page doesn't show there's an update. Is this no longer pushed automatically from github? Does this affect other native modules, too?

[lesley]

Looks like I forgot to push it to the api feed. It should be there soon, I just added it.

[DRMasterChief]

Hello lesley, i absolutely can understand your headaches with Germany, or better say EU.... it´s not the first thing which seems to be stupid (discussed here in the forum) - but hopefully we can use TB here in future if you have an eye on some things for EU, i think also EU is a big market for TB and worth it.

In general, if anyone says "Germany" for such things, you can be sure that this is a regulation for whole EU. Thank you!

[lesley]

I think people are actually missing our point of frustration. We have several threads dealing with what changes we need to make in the EU, but no one that lives in the EU agrees can agree on what needs to be changed. This is where the problem comes in. We have no good information about what exactly we need to do. The laws themselves are very vague from my reading. I see terms like "unless the information is needed for statistical purposes". To me, that covers every piece of information collected.

[30knees]

@lesley said in Anonymize IP active in Google Analytics module?:

We have no good information about what exactly we need to do.

I don't think that is a fair statement. You've been offered advice a number of times. I'll chat you.

[Briljander]

But I actually agree with Lesley and I live within EU. I hope TB will comply with GDPR but the laws can be read and understood in many different ways and at this point we dont have any lawcases that has made its way to the court yet and therefor hard to know what is right or wrong.

I think EU will go after some big companies and make a statement later on but I don't think they will bother about us small merchants in the beginning.

[lesley]

We have been, but if you go through all the threads where we are offered information, you will see other people in the EU saying "No we don't need that" or "I don't read it to mean that". This makes it hard to know who to follow.

[30knees]

The law is generally like this. It's often fluffy. That's why there are legal professionals who provide guidance on what the law actually means. The law is unfortunately not intended for lay people to be able to understand or comply with.

[lesley]

Then it is a shitty law that is against the interests of the people. It is made to create an artificial market of people that understand the law. This quite literally makes it the legal dark ages.

[30knees]

That's a whole different issue. I don't think every law can or needs be understood by lay people (eg technical building regulations), while some do (eg traffic laws and criminal laws).

[lesley]

Simple data collection laws should be able to be understood by the people that collect data, right?

[30knees]

I'd say it's not that black and white. :) But I also think it's beside the point, if I may. We (I) want to help thirty bees and not discuss whether legislation is good or bad. That's a whole different story.

[MockoB]

Sooner or later all merchants in every EU country will have to adopt the regulations. The issue in Germany is not with the law it is with the greedy lawyers and competition. And @Briljander you may be right about the GDPR and the big companies but that's not the situation with the other regulations. I think at least the EU compliance module should work properly, I know there are many attempts for fixing it but I know there are still some issues. As @DRMasterChief earlier today mentioned in other topic, there is some progress on the ps forum and would be nice if @mdekker checks that.

[MockoB]

Look at what that module does: https://addons.prestashop.com/en/legal/28991-gdpr-suite.html 2 simple things which could be placed in a CMS page which is in the footer, called GDPR.

[DRMasterChief]

Thank you for the hint to this module, but it is not necessary by law to give the customer such an easy possibility. The law just means that customers have the right to be informed about the data you are saving from them. It could be necessary to give the customer an easy way to delete his data, this should be as easy as possible if you go straight by the law, but this could be also done by an message from the customer to the onlineshop with the simple text "please delete all my personal data" - should be an allowed way for small shops. The GDPR says that a lot of things of this law has to be seen comparative to the business (also e.g. the data transferability to an other competitor, for small business it is ok to give this data in CSV or XML file, maybe 2 times, there is no need to do this unlimited without fee). 30 EUR is not that much for such an module, so we can talk and talk and talk about or just use this module.

I can understand the point of view from lesley. It could be hard to see the meaningfulness of some laws, but i think it is the same with US laws or any other countries :) And it is much more hard to understand when laws are made like rubber band, but this cames from the EU and THERE IS a rethinking for such laws. The GDPR also says, that the information has to be given in "clear and easy speech" to the customers, and also the law is written relatively clear and you can understand it when you read it twice.

TB is on a good way, a lot of things are working better than in other shopsystems (but yes, some things maybe are not finished, we will see....). Unit price works with discounts and different packagings/sizes, AEUC seems to work for 98% and so on. I am on a point i could say it is possible to use TB for an legal secure shop in EU, when you make some changes manually.

[lesley]

The exportation and importation of data is a pipe dream at best. It really does highlight how uninformed the people that wrote the law are on technological matters though. Every shop saves a different amount of data and has different password storage, without a set format this is something that is going to be dead and not useful.

For the export itself, we will most likely add a button to the user account that will allow for this, it seems like the easiest thing to do.