What Data Are You Legally Allowed to Track?
IP addresses and the exact journey (visited pages) of the visitors on a website are considered personal information that can help you identify and create profiles of your visitors, hence according to GDPR, you either stop tracking those details, or you ask visitors for their consent.
Considering this, we highly recommend you use our Complete Protection mode, which ethically collects consent exempt data without the need of cookie consent banners. This is not a predefined setting so it is your decision whether you choose to activate it or not. It all depends on the laws you need to obey, which differ from one country/state/district to another.
Once you enable the Complete Protection Mode, you will still have access to a large amount of data including top visited pages, visitors device/browser/OS, approximate location, and so on. The only things that will be anonymized are the IP address and the exact visited page URLs. Behavioral analytics features will not be affected; you can still see your heatmaps and visitor recordings, and within these recordings, also the pages to which a visitor has navigated.
The Technical Aspect of Analytics and Cookies
Let's look at it like this. If your legitimate interest is to see the IP addresses and the exact pages seen by your visitors, then, depending on the laws that apply in your country, you must either ask for their consent or not.
In case you truly need that particular information, and the law requires you to ask for consent, the first step you are obligated to take is to create a consent banner for your website. The second step would be to implement a condition for the Visitor Analytics script to only run if visitors gave their consent and only track those visitors.
Note: This is possible if you use our standalone app and track visits based on the tracking code snippet which you added manually . If the app runs in Wix/WordPress or other plugins, there is no flexibility over the tracking code snippet and you cannot manually take it out or implement conditions for it.
Creating the conditioning system mentioned above can be difficult, especially if you do not have the knowledge and resources. If you do not want all this hassle, but the country you and your audience live in still asks you to be GDPR compliant, you can just enable the Visitor Analytics Complete Protection Mode to save time and still be able to get elaborate insights and statistics.
In addition, even if you create this conditioning between the banner and our script, according to this GDPR consent notice study, most visitors will end up refusing to give their consent, so they will not appear in the statistics. That makes Complete Protection Mode even better, because even if you do not see those specific details, you can at least see all the visitors that were on the site. On the other hand, if you have the consent banner and the condition to run the script or not, you can see the IP address and the visited pages of your visitors, but only the small percentage of visitors that give you their consent.
According to the same study here are the percentages of visitors who accept to be tracked, depending on the type of cookie banner presented to them: