Back to blog

How to run web & app analytics projects across banking groups

Analytics Banking & finance

Written by

Published March 10, 2020 · Updated June 21, 2024

How to run web & app analytics projects across banking groups

Collecting behavioral data about app and website visitors and using it in marketing and advertising context has always been a challenge for the financial industry. We’ve tackled this issue in numerous posts on our blog.

The problem is even greater for institutions with a worldwide presence. Because of strict privacy and security regulations – both sectoral and regional – they prefer to operate on the least amount of information about clients and support their advertising campaigns with data bought from third parties. But the new restrictions on third-party cookies introduced by Safari, Firefox and Google Chrome browsers are making this plan barely feasible.

Fortunately, there are other options that revolve around using a bank’s first-party data instead.

In this article, we’ll show you how multinational banking groups can track user behavior across applications and websites, and leverage this data in promotional campaigns effectively, without breaking laws or disrespecting users’ privacy.

The challenge of tracking ad spends and user behavior in banking

According to the Guardian, by 2021 the number of customers communicating with banks using apps will overtake that of the customers visiting physical bank branches.

This means that if you’re responsible for executing web or app analytics projects, you may feel that the stakes are getting higher and higher.

To make things work, you need detailed audiences to target with relevant ads and offers. Then, you need to know how new clients use your products and adapt to them.

Typically, such an undertaking involves stakeholders from across the entire group – different business lines and regions – that report directly to you. To make sense of all the data coming your way, you could create a “master view” of all the marketing collateral, such as:

  • Number of downloads
  • Ad spends and effectiveness of ad campaigns
  • User behavior inside web or mobile application
  • NPS/Apple Store/Google Play ratings

However, the following problems may occur:

1) You use multiple ad platforms

In many cases, teams across countries and business lines use different advertising channels and tools. Because of that, you may struggle when trying to compare ad spends and conversion rates across regions.

2) You don’t have a unified view on user behavior on the website or inside the app

Another thing is that there are often different owners of marketing and post-login pages or apps. People in charge of landing and marketing pages usually work with a corporate subscription of Google Analytics 360. However, the Mountain View giant’s software for many reasons is not a good fit for pages and apps accessible after logging in, also known as secure member areas.

A recent report by Brave explains in great detail the dangers of employing Google Analytics on websites containing confidential information about users. Be sure to check it out.

Keeping the data from those areas of websites and apps in a private cloud or with a trustworthy vendor is a much safer option. This is why, to mitigate the risks involved in using Google, teams responsible for post-login pages and apps tend to:

  • use Adobe Analytics or a combination of Adobe Analytics and SiteCore
  • fetch the data from server logs – this way they don’t have to apply tracking codes in sensitive areas of their portals
  • build their own products to avoid involving any third party in the process

This number of analytics tools accumulated in your organization not only makes the costs of licensing/development and maintenance skyrocket. It also makes it hard or even impossible to connect the dots between individual steps in the user journey.

As a result, you can’t see things like which marketing websites customers had visited before they decided to open another savings account or apply for a mortgage. Also, you don’t know their previous steps, such as which advertising campaigns have brought the customers with the highest account balance.


The comparison of 10 web and app analytics platforms

Compare the main features of Piwik PRO Enterprise, Google Analytics 4, Matomo Cloud, Adobe Analytics, AT Internet, Countly Enterprise, Mixpanel Enterprise, Amplitude Enterprise, Snowplow Enterprise, and Heap Premier.

3) You need to respect data residency & privacy laws

Apart from that, you have data residency and privacy laws to abide by.

Numerous countries, such as Germany, Australia, Canada, India, Switzerland, Russia and China have introduced laws that order companies to keep their residents’ personal data within a country’s physical borders.

Storing data is one thing, but there are also data transfer rules you need to observe. For instance, GDPR allows it only if an adequate level of security is met. Transferring personal data is possible within the Privacy Shield framework, but you need to ensure that your organization’s compliance team reviews it case by case.

Update: As of July 16th 2020, Privacy Shield is no longer a valid legal framework for transferring data from the EU and Switzerland to the US. The situation is evolving fast, though. Here we’ve written about the decision and will provide updates when anything changes. And here we’ve written about how such limitations affect users of Google Analytics. 

Also, there are many other privacy laws – such as Brazil’s LGPD, California’s CCPA, India’s Personal Data Protection Bill, just to name a few – with their own restrictions regarding data transfer. You can read more about them here.
Meeting all those requirements is particularly difficult if you use Google Analytics and/or Adobe Analytics. None of them provides flexibility in terms of server locations. For instance, Adobe Analytics servers are based in the following regions:


With Google Analytics 360 you get no choice and the data will be allocated across different Google Data Centers. Here you can find their whole list.

To steer clear of violating data residency and privacy laws, your teams may decide to operate on the least amount of information possible, and what’s more – avoid collecting personal data at all cost. This means that, for example:

  • they don’t feed their datasets with financial, CRM, offline or transactional data
  • they’re unable to differentiate traffic between customers and first-time visitors

Consequently, the information your organization gathers is not only anonymized but also trapped in the silos of departments.

4) You need to stop relying on third-party data in your advertising strategy

Because of the problems with in-house data, you probably invest significant sums in the third-party audiences bought from data management platforms (DMPs), such as Lotame, Nielsen, The Trade Desk or BlueKai and push them into ad networks. Unfortunately, that is about to change.

Safari and Firefox’s new privacy features have reduced the availability of third-party cookies by around 30% to 40%. Now, Google has announced that it will stop supporting third-party cookies by 2022. Because of Chrome’s worldwide popularity, its new policy will bring the figure close to 100%.

This means that in less than two years you’ll have to learn to live without:

Buying audiences based on third-party data: The change will affect most of the DMPs that sell third-party audiences or map offline data to online identifiers on the web.

Data activation on the web: Using cookie syncing to identify and target users (e.g. by exporting an audience to a DSP for media buying).

Retargeting on the web: Showing ads to users across the web who have previously visited your website.

Attribution: Attributing ad views to conversions.

As a result, although ad networks will still be able to display ads on websites, things like behavioral targeting, attribution, and reach will become extremely ineffective.

First-party data comes to the rescue

In this situation, as a person responsible for a web or app analytics project, you may feel trapped because:

  • You have to operate on fragmentary and anonymous information on the usage of your products, which is extremely difficult to combine into one whole.
  • You’re unable to attribute monetary value to conversions on your websites or inside your apps.
  • The sources of third-party data are slowly drying up and your internal databases are too scarce to create meaningful advertising audiences out of them.

Fortunately, there is a way – unlocking the potential of first-party data. However, in this case anonymous information is not enough to build the full picture. For this, you’ll need customers’ personal data. This means that you’ll have to opt out of Google Analytics and Adobe Analytics, since the platforms don’t really welcome this kind of information.

The Google Analytics privacy policy says this:

To protect user privacy, Google policies mandate that no data be passed to Google that Google could use or recognize as personally identifiable information (PII).

This, in turn, is how Adobe Analytics addresses the issue:

Adobe strongly suggests customers refrain from passing personally identifiable information (PII) to Adobe, especially in situations where the PII is not necessary for analytics.

To avoid violating products’ terms of service, you may want to consider different options available on the market.

The Piwik PRO Analytics Suite – consisting of Analytics, Tag Manager, Consent Manager and Customer Data Platform – allows you to achieve even better results without increasing costs, breaking laws or reducing your marketing effectiveness.

Because Piwik PRO is available in private cloud and cloud hosting options, you’ll be able to take advantage of the following setups:

  • Private cloud deployment in each country with strict data residency laws – used exclusively by a certain region or department:
  • A private cloud (dedicated hardware) keeps all server resources and databases storing analytics data physically separated and dedicated to one organization.
  • A private cloud (dedicated database) shares server resources between customers but keeps them logically separated. Databases storing analytics data are physically separated.
  • Bring Your Own Key encryption on private cloud (dedicated database) Orange. This solution allows for the encryption of analytical data using the customer’s key but applies only to solutions hosted on Orange.
  • Cloud deployment can be used in every country where no sensitive or personal information is being processed.
  • A separate instance for an “executive view” with its own tracking code on instances 1) and 2) and a metasite for measuring high-level traffic across every area of your operations.

By using private cloud only where it’s necessary, you’ll also optimize infrastructure costs.

That will allow you to:

1) Gain an overview of the marketing performance of your project

Although in your “executive view” you won’t see all the details, you will be able to follow the progress of work and measure the performance of different regions and business lines in one place. This will allow you to make faster and more informed decisions.

2) Respect the laws and collect personal data

The locations of your Piwik PRO instances will be consistent with residency laws. What’s more, the data, except for high-level anonymized information, won’t be sent outside the borders of a given country or accessed by any third party.

As for data privacy regulations – Piwik PRO Consent Manager will help you obtain visitors’ consents as required by GDPR and LGPD. By using it, you’ll also be able to collect and process user requests resulting from the mentioned rights as well as legislation such as CCPA.

Here you can read more about how Piwik PRO Consent Manager can help you act in line with privacy laws around the world.

3) Capture the full customer journey

With the platform, you’ll be able to map the customer journey across different channels and follow user flow without missing any significant data points. A Customer Data Platform will allow you to integrate data from such systems as:

  • CRM, marketing automation software
  • Ad platforms
  • Banking transactional systems
  • Lead capture forms
  • Social media platforms
  • Other systems via API or through CSV imports

Visit this post for more tips on how to leverage sensitive and personal information in your marketing strategy: 4 Burning Questions about Onboarding Personal Data and Personally Identifiable Information (PII) to Your Analytics Platform

Thanks to this, your teams in each region will gain a well-rounded view of user behavior and attributes from all relevant sources, not just websites or apps.

Psst! With this kind of data at your fingertips, you’ll also be able to employ advanced customer retention strategies. Read more about that here:

However important it is to get a thorough understanding of your customers, getting the complete picture of their journey should never come at the expense of privacy and security. Also, you should consider implementing some extra security measures such as single sign-on, encryption, or a change log to make sure the data is safe and sound.

For more information on how to map the full customer journey in banking, check out this post: How Analytics & Customer Data Platform Can Help You Track the Full Customer Journey

4) Create a future-proof advertising & marketing strategy

Even though third-party data will no longer be relevant in the advertising context, there’s an opportunity to breathe new life into first-party data. In the eyes of marketers and advertisers, it’s considered an extremely valuable source because it’s collected from people who have a direct relationship with the brand: customers or potential customers who have had some interaction with it.

With Piwik PRO, you’ll be able to use your first-party data to:

Run on-site personalization & retargeting campaigns

With a wealth of customer data at your disposal, you can employ on-site personalization and retargeting. A combination of Piwik PRO Tag Manager, CDP and Analytics, will allow you to:

  • Identify existing clients and target your audiences better (e.g. you won’t advertise opening an account to someone who already has one, you won’t show a loan offer to somebody with a low credit score).
  • Build precise audiences based on different conditions, e.g. actions users perform on transactional pages, offers they’ve seen or the usage of the given functionality.

Thanks to the safeguards we discussed earlier, you’ll run your campaigns both on marketing and post-login pages without violating visitors’ privacy.

For more inspirations on leveraging on-site personalization and retargeting in your marketing strategy, visit these posts:

Gain a better view of ad spends and conversion rates on your websites and in your apps

The platform also helps you gain a better view of your advertising expenses:

  • Your dataset consists of information about user behavior from many touchpoints, including ad platforms, marketing websites and secure member areas, among others. This, in turn, will let you e.g. calculate the proper cost of customer acquisition per channel.
  • By setting up and measuring similar goals across every website (e.g. your national websites in US and Canada or Germany and Switzerland), mapping them and attributing a monetary value to each goal conversion, you can monitor the performance of your ad campaigns. You’ll know what works and where to funnel a bigger budget next time around.

These are just ideas for leveraging the first-party data collected with Piwik PRO. It’s worth keeping your finger on the pulse of how the AdTech market adapts to the recent changes. Our friends from Clearcode predict that the industry will start offering more opportunities for using first-party data and sharing it with trusted advertisers. To stay up to date, follow their blog.

If you want to read more about the benefits of using first-party data, here you go:

5) Save time and money

And let’s not forget about reductions in costs. Using one analytics platform, you don’t need to spend your whole budget on multiple tools and licences, such as Google Analytics 360 or Adobe Marketing Cloud to do your tracking. Here you get an all-in-one platform to collect data from multiple sources and finally put it into action. That saves you both time and money.

Also, a leaner analytics stack also means fewer products for your security teams to vet.


The world of AdTech and MarTech is undergoing a rapid change. Fortunately, banking groups can prepare themselves for it by unlocking the power of first-party data. This will not only allow you to build precise audiences based on data about people with real relationships with the organization. It will also help you gain a full picture of user behavior at every stage of the user journey and better measure the costs of customer acquisition.

Such a change, however, requires a sensible approach to the data your visitors decide to share with you and adjusting your ways to the demands of regional and sectoral regulations. Part of the task will be to find business partners that ensure an appropriate level of data privacy and security.

If you would like to learn more about how Piwik PRO can help you collect customer data in a responsible way, be sure to contact us. Our team will be happy to answer all your questions.


Karolina Lubowicka

Senior Content Marketer and Social Media Specialist

An experienced copywriter who takes complex topics of data privacy & GDPR and makes them understandable for all. LinkedIn Profile

See more posts by this author

Core – a new plan for Piwik PRO Analytics Suite

Privacy-compliant analytics, built-in consent management and EU hosting. For free.

Sign up for free

Upcoming live webinar

June 27, 2024

Real-time dashboards in Piwik PRO: A hands-on use case

This summer, we’re introducing new real-time dashboards in Piwik PRO Analytics Suite, empowering our clients to make informed decisions in time-sensitive projects. Would you like to learn how to use them in your daily work? Join our webinar to see how our partner agency, Netlife, used real-time insights to streamline the registration process for a major national event, ensuring a smooth user experience and preventing system breakdowns. Stay for a Q&A session where our experts will address all your questions.

Sign up for this webinar