Skip to content
Rafa Jimenez

Founder of SEAL Metrics. Privacy Marketer.

Cookieless Tracking: Guide to E-commerce 2023

The evolution of internet measurement has come to a halt due to user privacy protection, which is why Cookieless Tracking solutions are vital for e-commerce.

Web analytics solutions, such as Google Analytics, have based their technology on individualized user measurement based on “cookie” technology.

Technological evolution has allowed web analytics tools to not only be able to measure users and their behavior, but thanks to the same data stored to display basic reports, they can create user profiles and even create predictions, such as predicting a user’s purchase intent based on their browsing.

This data evolution has prompted government organizations to createregulations to protect user privacy; for this reason, you must work with a Google Analytics alternative.

Because there is a need for measurement that respects user privacy and complies with regulations, cookieless tracking solutions such as SEAL Metrics have been created to support this purpose.

So, how can digital businesses, and e-commerce, in particular, work with privacy-first tracking technology?

Contents

1 What are cookies?
1.1 What are third-party cookies?
1.2 What are first-party cookies?
2 What do the regulations say about website measurement?
2.1 User privacy must be respected
2.2 It cannot be analyzed individually without the user’s consent.
3 Google Analytics and GDPR
4 What is Cookieless Tracking
5 Cookieless Tracking Solution: SEAL Metrics
6 SEAL Metrics: GDPR & ePrivacy Compliance
7 SEAL Metrics Alternatives

What are cookies?

Cookies are a file stored in our browser, in which a unique User ID of a web page visitor is added. Every time this user browses the website, the Google Analytics pixels, for example, check which User ID corresponds to each page viewed, asking for the cookie.

This way, they know the browsing made by each User ID in an automated way.

What are third-party cookies?

The cookies that we place in the browser can be third-party cookies. Being a third party means that the cookie placed in the browser, instead of being from the same domain being visited by the user, for example, sealmetrics.com, is issued by the analytics provider; for example, google-analytics.com, adinton.com,…

Therefore, the cookie placed on the user’s browser that is visiting sealmetrics.com belongs to google.com; as it is another domain, it is called a third-party cookie.

What are first-party cookies?

First-party cookies are when the cookie placed in the user’s browser corresponds to the same domain as the website they are visiting.

For example, visiting sealmetrics.com, the cookie placed would belong to the domain sealmetrics.com.

NOTE: Remember that in SEAL metrics, we work without cookies; the above is just an example for your understanding.

The current trend of web analytics tools based on third-party cookies is to pivot to first-party cookies. How are they doing it?

The fact that a first-party cookie belongs to the same domain as the website we are visiting would technically mean that, for example, all websites that work with Google Analytics would have it installed on their server. Practically impossible to do.

They are solving it in the following way:

The measurement tool creates pixels to insert the first-party cookie as subdomain.clientdomain.com.
The client, using the DNS, points subdomain.clientdomain.com to the server where the measurement tool is located.
When the cookie “falls,” it is a first-party cookie, but a third party measures it.

Although this is the solution used, it is still a trick to bypass adblockers and regulations; we could say it’s a 3rd party cookie “camouflaged.”

What do the regulations say about website measurement?

The regulations are evident in both the GDPR and the ePrivacy Regulation; here is a summary of the key points:

  1. User privacy must be respected
  2. You can NOT work with personal data without the user’s consent.
  3. You can NOT analyze individually without the user’s consent.
  4. You can NOT install anything in the client’s browser without consent.

User privacy must be respected.

In short, if you work with the email, IP,… or any personal data of the user, you either anonymize it and do not see it on your servers, or it must require consent to be measured.

It cannot be analyzed individually without the user’s consent.

This point is where the ePrivacy regulation emphasizes. ePrivacy Regulation says that individually analyzing a user, as done with cookies, requires user consent.

For this reason, we are asked to accept cookies every time we visit a website. We are not asked to accept cookies; we are asked for permission to “be measured individually”.

NOTHING can be installed in the user’s browser without their consent.

Placing a cookie in the browser is to install “something”. Which is forbidden without consent, using local or session storage, forbidden without consent.

For more information on how to measure with cookies, follow the link

Google Analytics and GDPR

Now that we have seen how the regulation tells us how we must measure, what about my Google Analytics account?

This is where e-commerce has its biggest problem. Because as the regulation stands, Google Analytics can only work by requesting permission from the user through the cookie banner or footer.

You can implement a special setup to Google Analytics to comply with GDPR, but it requires very technical actions. Anyway, this is already explained in the link above

What is Cookieless Tracking

Cookieless tracking is a technology that aims to measure what happens on our website while respecting the user’s privacy.

In other words, Cookieless Tracking technology should allow us to answer fundamental business questions:

  • Sales
  • Invoicing
  • Visits
  • Conversion rate
  • Traffic
  • Traffic per source

With these KPIs, we should be able to improve the profitability of our online business.

All this while respecting the user’s privacy. What does respecting privacy consist of?

  1. Respecting current regulations
  2. Not being able to relate browsing and behavior to a person.

Cookieless Tracking Solution: SEAL Metrics

Having explained all of the above, SEAL Metrics is our privacy-first solution.

It’s a solution that respects user privacy and provides business KPIs to marketers for them to continue with their activity.

SEAL Metrics: GDPR & ePrivacy Compliance

SEAL metrics is a solution that:

  1. Doesn’t work with personal data. Nothing. Not even IP. We comply with GDPR.
  2. Doesn’t install anything in the user’s browser. We comply with GDPR.
  3. We don’t use individual metrics, only aggregate data, ePrivacy compliant.

SEAL Metrics Alternatives

There are different alternatives in the market; you will find them searching for Cookieless Tracking or Cookieless Analytics on your search engine.

Anyway, to make things easy for you, I am comparing cookieless tracking tools.

To make your decision, I advise you to ask the following questions to the solutions:

  1. Do they measure anonymously? Almost all the “good ones” do.
  2. Do they measure in a non-individualized way? Here are the surprises.
  3. Do they have the KPIs I need? If you are an eCommerce: invoicing!
  4. Easy to implement. We have modules for Magento, Prestashop, woocommerce, and WordPress at the eCommerce level.

Categories:

Privacy Marketing

The Newsletter for Privacy Marketers

Everything a marketer needs to know about privacy

Related articles

Discussion (0)