For clarity: This relates explicitly to UA not GA4. That doesn’t however mean that the current version is deemed GDPR compliant; that is likely something that a future investigation will decide.
Google claims that GA4 should be compliant, but at the same time they have also for years until a few days ago been providing a version of GA that wasn’t.
I use a self-hosted instance of Plausible Analytics. It’s privacy-respecting and the analytics data is only available the site operators, not shared to any big corp to optimize the monetization effort. And as a bonus, it’s not blocked by any ad blocker so the data is more accurate.
Removed by mod
The key point is you can self-host it and the source is open. If PA getting shitty in the future, you can just keep your instance in the last known good version, or even use a forked version if someone decided to fork.
In fairness, as a service, they were basically just handed a golden ticket.
Removed by mod
Removed by mod
We migrated to Matomo, which has very similar functionality as GA, but can be self hosted and is GDPR compatible. It can even be configured to run without consent since it doesn’t build a third party ad profile, which should actually improve the data coverage a bit.
The tracking API is a little different than GA so we had to redo some things to get all the events to trigger properly (especially for e-commerce), but for basic usage statistics it’s relatively plug and play in the tag manager.
