Making barbal.co GDPR compliant with Hubspot and Google Analytics tracking codes

As a company we always try to do things “the right way”. One of the perennial challenges is how to square digital marketing with the privacy of our stakeholders. We need to use the latest tools to support sales and marketing and we also want to act ethically. As a platform that handles sensitive or confidential information for our users, we always take security and privacy seriously.

The barbal.co website uses a WordPress installation. We use various plugins for different elements like forms. We use Hubspot and Google Analytics to support digital marketing. Both platforms offer WordPress plugins to more tightly couple the services. We use them to make sure our website is relevant to visitors and know that we are following up on leads appropriately. However, neither platform’s plugin has a facility to seek permission from users before it starts tracking them with cookies. Nor does either platform’s documentation provide much help for those seeking GDPR compliance.

Google Tag Manager was suggested as a way to keep track of all tracking codes in one place, but again requires a heavily convoluted way to implement cookie permissions requiring developers and custom code.

In the end we struck upon the GA Germanized plugin, which has a no-code interface for installing a cookie banner and linking to Google Analytics. It also has a feature for implementing other tracking codes, so we put the Hubspot code in there. I also had to uninstall the Hubspot plugin and disable Google Site Kit from placing the Google Analytics code.

Now the Barbal website doesn’t use any cookies until the user gives permission, and even then we make sure we only use the bare minimum to meet their and our needs. You can find out more about privacy and security at Barbal in our Privacy Policy.