Short answer: yes, quite an overwhelming few of them.
This is also not very easy to answer without all of the details surrounding a website. But there are a few things we can assume for certain:
Now, before saying you don’t process any user data, some consider the fact that your website handles IP data by visitors a personal datum…!
If you want to double-check, a good place to do so is your local data protection agency. Just don’t forget that you might also want to check out the rules in locations you want to operate in (I’ll post a list of names after the main content of this answer for you to check).
What does “Google Analytics” tell us?
Do not forget about your cookies!
The above section in Google’s terms for Google Analytics additionally reminds you not to ignore the fact that Google uses pretty invasive cookies and therefore you should inform users before these cookies get installed. This means that to European users you should likely be displaying a banner and inform them about cookies AND most importantly block them before they’ve consented to their use.
- Who is the site/app owner?
- What data is being collected? How is that data being collected?
- For which purposes is the data collected? Analytics? Email Marketing?
- What third parties will have access to the information? Will any third party collect data through widgets (e.g. social buttons) and integrations (e.g. Facebook connect)?
- What rights do users have? Can they request to see the data you have on them, can they request to rectify, erase or block their data (under European regulations most of this is mandatory)?
List of data protection agencies for research and help
- Australia: Office of the Australian Information Commissioner
- Belgium: Data Protection Commission
- Bulgaria: Bulgarian Commission for Personal Data Protection
- Canada: Office of the Privacy Commissioner of Canada
- China (Special Administrative Regions): Office for Personal Data Protection, Macau SAR, China
- Czech Republic: Office for Personal Data Protection of the Czech Republic
- European Union: European Data Protection ComissionComission
- Estonia: Estonian Data Protection Inspectorate
- France: Commission Nationale de l’Informatique et des Libertés
- Germany: Federal Data Protection Commission
- Ireland: Office of the Data Protection Commissioner
- Israel: The Israeli Law, Information and Technology Authority
- Italy: Garante Per La Protezione Dei Dati Personali
- Korea: Personal Information Protection Commission
- Mexico: Federal Institute for Access to Information and Data Protection (IFAI)
- Netherlands: Dutch Data Protection Authority
- New Zealand: Office of the Privacy Commissioner
- Norway: Data Protection Authority
- Poland: Office of the Inspector General for the Protection of Personal Data (GIODO)
- Slovenia: Information Commissioner
- Spain: Agencia Española de Protección de Datos
- Switzerland: Federal Data Protection and Information Commissioner
- United Kingdom: Information Commissioner’s Office
- United States: Federal Trade Commission