GDPR implementation and Web-Stat

Learn how to make your site GDPR-ready with Web-Stat

or click here for our own GDPR info and statement
Disclaimer:
It is your responsibility to ensure that Web-Stat services are permitted and abide by your local laws. Any information presented below is not legal advice and you should not rely upon it as such. The GDPR is a complex regulation: we recommend that you seek legal advice to understand it and prepare for it.

On May 25th 2018, the General Data Protection Regulation, known as the GDPR, came into effect. Its purpose is to protect the personal data of all EU citizens. Whatever the location of your business, if you own a website with EU visitors, or if your marketing campaigns target EU citizens, these changes affect you.

Basically, the regulation means that you have to go through all of your personal data processing activities and make sure that they comply.

Data processing activities on websites are usually of two types:

  1. Contact forms, email subscriptions, etc. where personal data is explicitly requested and submitted directly by the user.

  2. Cookies and online tracking, where information is collected without explicit user knowledge

With the enforcement of the GDPR, you have to revise what data you are gathering in both these situations, whether you really need this data and why, how you are keeping it secure and inform/get consent from the user.

The second item, 'Cookies and online tracking', directly concerns Web-Stat and your use of our service. By default we collect your visitors' IP addresses and write cookies on their computers. The IP is needed for geo-location, and the cookies are needed for two reasons (1) recognize a repeat visitor (this is how we tell you that a given visitor is back on your site for the third time and that his previous visit was 2 days, 3 hours ago) and (2) build the click-path of a visitor inside your site and count his page views.

Note that neither the IP nor the use of cookies identify a natural person. We know that a visitor was on your site, we know what he did on the site, we know that he was there before, but we don't know 'who' this visitor is: we have no way of identifying him or her personally.

Also, we do not share your data with anyone. It is yours and yours only.

Still, you are responsible for implementing GDPR on your own site, which means informing/obtaining consent from the user for the use of cookies and the collection of IP addresses.


At this stage you have two options:
  1. Post a message on your site for EU visitors stating that by continuing their navigation they consent to the use of cookies and the collection of their IP address to help with the measurement of the traffic on your own site (and for no other purpose).

  2. Turn off IP collection and/or the use of cookies for EU visitors.

We have setup two new tools to help you meet the new GDPR requirements:

If you choose option 1, we have added a new function to our Geo-customization function, which will allow you to detect only EU visitors and present them with a warning message

If you choose option 2, we have added two new settings in the Settings Panel (under 'GDPR compliance') which allow you to anonymize IP collection (for all visitors or only for EU visitors) and stop the use of cookies (for all visitors or only for EU visitors). Note that with these options ON, Web-Stat still works properly. The only drawback is that we will be unable to recognize repeat visitors.


If you decide to keep Web-Stat running with cookies enabled, here is a list of the cookies that get written on your visitor's computer, with their purpose and duration:

  • wtslv_xxxx: timestamp of last visit / used to recognize a repeat visitor / expiration: doesn't expire
  • wtsid_xxxx: sessionID for this particular visit by this visitor / used so that we can count all the page views under a single 'session ID' / expiration: 30 minutes
  • wtsso_xxxs: timestamp of last page view / used to determine if a page view is part of the current visit / expiration: 30 minutes
  • For wix clients only - wix_xxxx: name of last page loaded / used to prevent counting double-clicks / expiration: 30 minutes

Note (1) the actual cookies has the string 'xxxx' replaced by a number which represents your particular account with us.

Note (2) the cookies and traffic data that we collect on your behalf are not shared with anyone other than yourself.


As always, please contact us if you have any questions