Zum Inhalt springen
etracker
Jetzt starten

Consent-free and legally compliant

With etracker analytics, companies benefit from demonstrably consent-free data collection in accordance with the TDDDG and GDPR.

Marketing with first-class data

According to the well-known principle of “garbage in – garbage out” (GIGO), web analysis depends on data quality. If the data basis is insufficient or falsified, the derived findings will not be correct. Marketing performance also suffers when algorithms are fed with inadequate data, as is the case with Google Ads. With etracker analytics, companies benefit from the optimal combination of freedom of consent and data protection compliance – for reliable data and top results.

For etracker analytics, compliance with data protection regulations has been checked and certified in an independent audit. The ePrivacyseal data protection seal of approval certifies that etracker analytics does not require consent:

“In cookie-less mode (standard mode), the use of etracker analytics is lawful in accordance with the GDPR and TDDDG without any consent requirement.”

ePrivacyseal

The session tracking procedure developed by etracker fulfills both the requirements for freedom of consent under the TDDDG and the GDPR.

etracker session tracking procedure
Legally compliant tracking without consent in accordance with TDDDG and GDPR

Consent-free according to TDDDG
(cookie-less)

The Telecommunications Digital Services Data Protection Act (TDDDG) contains regulations on access to the user’s terminal equipment. By default, etracker analytics only uses functional or strictly necessary cookies. Active access to the user’s end device for analytical purposes does not take place. According to the supervisory authorities, the processing of browser and header information on which etracker analytics is based does not require consent:

“Access requires a targeted transmission of browser information that is not initiated by the end user. If only information, such as browser or header information, is processed, which is transmitted inevitably or due to (browser) settings of the end device when a telemedia service is called up, this is not to be regarded as ‘access to information that is already stored in the end device’.”
(See https://www.datenschutzkonferenz-online.de/media/oh/20211220_oh_telemedien.pdf, page 8)

For session tracking, etracker analytics does not store any data in the user’s end device, but assigns interactions to the respective visits purely on the server side via securely hashed session tokens.

The use of etracker analytics is not completely cookie-free. If users object to data processing for analysis purposes via the data protection notice on the website, the objection is stored in a technically required cookie within the meaning of Section 25 (1) GDPR. 2 No. 2 TDDDG stored. You can find more information about the etracker cookies used here.

Consent-free according to GDPR (overriding legitimate interest)

The General Data Protection Regulation (GDPR) regulates the processing of personal data. Reporting in etracker analytics is based on anonymized and mainly aggregated data. However, anonymization already constitutes a processing operation in accordance with the GDPR, i.e. also the standard automatic and earliest possible shortening of the IP address in the memory of the data acceptance server.

This (anonymization) processing can be carried out on the legal basis of overriding legitimate interest.

According to the guidelines for the processing of personal data on the basis of a legitimate interest of the European Data Protection Board (EDPB) of October 9, 2024 and the judgment of the ECJ in this matter (C-621/22 of October 4, 2024), the following conditions must be met for this purpose

  1. The pursuit of a legitimate interest by the controller or a third party;
  2. The need to process personal data for the purpose of pursuing the legitimate interest;
  3. The interests or fundamental freedoms and rights of natural persons do not take precedence over the legitimate interests of the controller or a third party (balancing exercise).

Unlike Google, etracker does not process web analytics data for its own purposes and therefore only on behalf of the website operator. In addition, etracker data is not linked across different providers or merged with Google account data to reveal information such as the age and gender of visitors.

The legal basis of the overriding legitimate interest requires a balancing of interests, which can be viewed in this sample balancing of interests.

The result of the ePrivacy Consult audit can be accessed here. ePrivacy Consult certifies etracker analytics amongst others:

  • Conclusion of the AV contract with the account registration, see https://www.etracker.com/en/dp-agreement/.
  • The IP address is shortened as early as possible and automatically (in the server cache) and thus only persisted anonymously.
  • Reporting is carried out with anonymized and almost exclusively aggregated data without the possibility of identifying the user.
  • An objection function is provided for the privacy policy.

Session identifiers for linking individual interactions to visits are limited to a maximum of 24 hours, as a daily time stamp is included in the hash value automatically generated by the server. This excludes the possibility of permanent recognition unless cookies are activated after consent has been given. Browser fingerprinting in accordance with OH Telemedia and the Art. 29 Data Protection Group therefore does not take place.

Conclusion

When using etracker analytics, only processing operations that are justified on the basis of the website operator’s overriding legitimate interest are carried out. The standard version does not require consent in accordance with the TDDDG, as no analytical cookies are set or end device information is read. For the use of etracker analytics, a consent banner can be dispensed with in the standard version. In hybrid mode, etracker cookies can be activated for anonymous recognition and journey measurement after consent has been given. Cookies can be activated via the integrated etracker consent manager or third-party CMP services.

This enables the best possible data quality, regardless of consent, in harmony with all legal requirements. This is the basis for efficient website and campaign management. This in turn leads to higher sales and increased marketing success (ROAS). Legal risks are avoided and the trust of customers and interested parties is strengthened.

Contents

Marketing
with first-class data

1. consent-free according to TDDDG (cookie-less)

2. consent-free according to GDPR (overriding legitimate interest)

Conclusion

Contact us

Do you still have questions? Then get in touch with us.

Whether on technical, functional, commercial or data protection topics.

Please enable JavaScript in your browser to complete this form.
=
Deine Daten werden verschlüsselt übermittelt.
Contact us

Jonas Tietge

E-Mail schreiben
Termin buchen