On the data collection side, this involves turning both Remarketing and Advertising Reporting Features off (neither of which are relevant since I’ve also removed the ads). On the data retention side, I’ve set user and event data retention to 14 months (which is the lowest it can be), and turned off the setting to reset on new activity. The User-ID feature is off, and will remain off, meaning that I do not track you across devices.
Crucially, the information I see in my dashboard on the Google Analytics side is anonymous; I can see what device and browser you use, as well as see what country your IP address is allocated to. That’s where it stops. I cannot, for example, see your specific IP address – nor would I want to. It’s quite irrelevant to my use of the data (and I’m not fool enough to believe that an IP address represents a single user, or – for that matter – always represent the same user).
Another part of my responsibility is to ensure that the data collected is protected. I have been using a password manager which generates random, secure, and unique passwords for each application for a long time, this site included. In addition, I have enabled two-factor authentication on the site, adding to its security level. Likewise, my Google account has a strong password, and has two-factor authentication enabled. Statistics are only available to registered users with the Administrator role – meaning me.
You may well be wondering why I’m sharing this information. As I’ve said a number of times in past posts, I believe in transparency, and being transparent about the data I have, how I gather it, and how it is secured is an important part of this. In addition, I believe that I have an objective responsibility to be a positive example, and again, sharing this information is an important part of doing that.