Back to blog

Sensitive data, profiling, and your web analytics

Data privacy & security Product best practices

Written by

Published March 31, 2016 · Updated August 6, 2020

Sensitive data, profiling, and your web analytics

With so much of our time spent online, our activity logs can reveal a lot of personal information considered as sensitive data. All websites we visit or keywords we search can be a valuable source of information that can be used to enrich our profiles and subsequently help advertisers find the right segments for their ads. What do you need to know about profiling and how can you protect you and your visitors’ sensitive data?

Profiling involves tracking and recording online user behavior for the purpose of producing targeted advertising. Such activity can encompass every sort of interaction, including viewed pages, conducted searches, purchased products, or abandoned carts. Targeted advertising takes into account past actions of an individual to predict not only their preferences, but also their personal situation — possibly including delicate matters such as financial or health conditions. According to this information, a marketer or a salesperson may decide if, for example, this person is ready to convert into a paying client.

Growth of the so-called Global Internet User Activity Database is what worries both website owners and visitors, and while it’s true online profiles can remain anonymous, it’s also a fact that many companies attempt to match personally identifiable information (PII), such as a name and address, with consumer profiles they have at their disposal. Even if based on cookie usage, such collection can still include sensitive data.

How to Leverage Web Analytics

When Your Company is Dealing with Tons of Sensitive Data

Download FREE Guide

The closer a given piece of information gets to enabling identification of an individual, the more caution needs to be taken when dealing with such sets. This type of special attention can take the form of:

  • consent requirements
  • increased control
  • informing users on data-collection purposes

It is therefore vital to provide users with, at minimum, a way to opt-out as presented below:


There are categories of data considered more sensitive by default, such as health or financial data, but also information on an individual’s sexual orientation, political affiliation, race, etc. Such knowledge can cause personal harm, as in the infamous case of the US-based retailer Target.

To predict pregnancy and run specific campaigns aimed at mothers-to-be, Target collected and used information on individuals’ shopping behavior. What seemed random and non-sensitive at first glance was in fact used without any consent in order to obtain a piece of very sensitive information

Expert advice by Aurelie Pols, Mind Your Privacy

Expert’s Advice: Aurélie Pols, Mind Your Privacy

“The Target case highlighted very common issues the field of web analytics is faced with — a lack of understanding for how significant context may be for privacy best practices, as well as the need for adequate decision making and responsibility attribution.”

How to Leverage Web Analytics

When Your Company is Dealing with Tons of Sensitive Data

Download FREE Guide


Ewa Bałazińska

See more posts by this author

Core – a new plan for Piwik PRO Analytics Suite

Privacy-compliant analytics, built-in consent management and EU hosting. For free.

Sign up for free

 Free Practical Guide: Avoid Privacy Risks and Prepare for GDPR
Upcoming live webinar

May 26, 2022

Life after Universal Analytics: What makes Piwik PRO a better alternative than Google Analytics 4

In July 2023 Google Universal Analytics, known as Google Analytics 3, will become history. Companies need to decide what to do next – switch to the controversial Google Analytics 4 or consider other options. Find out why Piwik PRO Analytics Suite might be a great alternative to Google products. Learn how to easily migrate your analytics to a privacy-friendly EU-based platform. Get all your questions answered during a Q&A session.

Sign up for this webinar