Do you want to learn about Google Analytics PII data collection and how to avoid accidentally storing personal information in your GA account?
Unfortunately, Google Analytics can accidentally collect PII data (personally identifiable information) without you realizing it. And it’s essential to make changes to ensure this doesn’t happen.
Luckily, there are several tricks to prevent PII from getting into Google Analytics.
In this guide, we’ll explore what PII means, uncover why it accidentally gets sent to Google Analytics, and, most importantly, show you how to stop it from happening.
What Is PII Data?
So, what exactly is PII data?
PII stands for Personally Identifiable Information. It’s basically any piece of information you might have about someone who visits your website that could let you figure out who they are.
This includes things like their email address, username, real name, where they live, their phone number, and exactly where they might be at any given moment.
But here’s a twist – IP addresses are not considered PII according to Google’s rules. However, this is just how Google sees PII. If you’re trying to make sure your website complies with GDPR (an extensive set of privacy rules in Europe), you’ll need to look a little closer at what GDPR laws say counts as PII because it might be a bit different from Google.
How Does PII Data End Up in Google Analytics?
You might wonder, how does PII end up in Google Analytics by accident? The most common way this happens is through URLs.
When someone visits your website and fills out a form or logs into their account, they enter personal info like their email or name. Sometimes, this information can accidentally be included in the URL of the page they go to next.
For instance, imagine someone filling out a contact form on your site. Depending on how your website is set up and the tools you use, the next page’s URL might look something like this:
www.yoursite.com/[email protected]
When Google Analytics looks at who visited that ‘thank you’ page, it would also see and record the person’s email. That’s a piece of PII, and it’s not supposed to be collected in Google Analytics.
How to Avoid Storing PII Data in Google Analytics
Luckily, you have two different methods that help keep PII data out of Google Analytics. One is the easiest, exclusively for WordPress websites, and the other is for anyone using Google Analytics.
- Easiest Method: Privacy Guard For WordPress Websites
- Alternative Method: Google Analytics Data Redaction
Easiest Method: Privacy Guard For WordPress Websites
For WordPress users, the easiest method is to use the Privacy Guard feature inside ExactMetrics.
ExactMetrics stands out as the leading premium plugin for Google Analytics. It seamlessly links your WordPress website to Google Analytics, allowing you to access essential data directly within your WordPress dashboard.
With a simple setup process, ExactMetrics offers advanced tracking features. This includes the ability to monitor events, eCommerce transactions, form submissions, custom dimensions, external link clicks, and much more, all from your WordPress dashboard.
The Privacy Guard feature is vital in preventing PII data from landing in Google Analytics.
Located in the Engagement tab of the ExactMetrics settings, activating Privacy Guard is as simple as flipping on a switch:
 
Turning on the Privacy Guard feature ensures that any sensitive PII is stripped from your URLs before landing in Google Analytics. This way, you activate a safeguard for your site, helping it align with important privacy laws.
Get ExactMetrics at the Plus level or above to use Privacy Guard.
Alternative Method: Google Analytics Data Redaction
Google Analytics offers a feature for data redaction that can help ensure PII doesn’t appear in your reports. It’s a bit more complicated than a straightforward switch, but it’s an effective method nonetheless.
First, it’s crucial to identify the specific PII, beyond just email addresses, that might be making its way to Google Analytics via URLs. Google Analytics will automatically filter out email addresses, but for anything else, you’ll need to specify what to look for in your URLs.
Begin by accessing your Google Analytics account and navigating to the Admin section.
Once there, go to Data collection and modification and select Data streams:

Click on your specific data stream to proceed:

Scroll down until you reach the Events section, look for the Redact data option, and click on it:

Here, you’ll have the opportunity to activate the Email switch, which will filter out email addresses from your data:

If filtering email addresses is all you want to do, hit the blue Save button, and you’re all set.
Turn on the URL query parameters switch to exclude additional information beyond email addresses. You’ll then need to specify which query parameters to exclude by entering them into the provided box.
Query parameters are the parts of your URL that follow the question mark, such as in the URL examplesite.com/?firstname=James&name=Doe, where you would need to exclude first name and name as query parameters.
Type each query parameter you wish to exclude into the box, pressing Enter after each one:

Once you’ve entered all necessary parameters, click the Save button to apply your settings:

You’ve now successfully set up data redaction in Google Analytics to keep PII out of your reports.
Frequently Asked Questions
Does Google Analytics capture PII?
Google Analytics is not designed to capture PII intentionally. However, PII can accidentally be collected through URL parameters if not correctly managed and filtered out.
How do you identify PII data?
To identify PII data, you should review your Google Analytics reports and check for any data in URLs or form submissions. This involves examining site content and data collection methods to ensure compliance with privacy standards.
Is Google Analytics privacy-friendly?
Google Analytics has features and settings that support privacy, such as data anonymization and consent modes. However, privacy-friendliness depends on how website owners configure and use it.
And that’s it for our guide on Google Analytics PII data collection and how you avoid accidentally storing unwanted data in your GA account.
To easily keep PII data out of Google Analytics, get started with ExactMetrics and use Privacy Guard today.
If you found this article helpful, check out these:
- GDPR and Google Analytics 4: How to Make Your Site Compliant
- 8 Best WordPress Cookie Consent Plugins for GDPR Compliance
- How to Ensure Google Analytics CCPA/CPRA Compliance for GA4
And remember to follow us on X and Facebook to see all the latest reviews, tips, and Google Analytics tutorials.
 
			 
