Don't have one? Create one ↗
The Happy TaggerThe Happy Tagger
Privacy, consent & the cookieless future

Lesson 7 of 7

PII And Data Hygiene

Personally identifiable information (PIIPIIPersonally Identifiable Information: names, emails, phone numbers and similar data that must not flow into general analytics tools.), such as names, emails and phone numbers, must not be sent into general analytics. Beyond breaking most vendors' terms, it is a real privacy and security risk.

Practical rules

  • Never send raw PII to analytics events or parameters.
  • Watch for PII leaking into page URLs and query strings; redact it.
  • Where first-party data is intended (Enhanced Conversions), it is hashed before sending.
  • Use data-retention settings and limit who can access raw data.

A quick habit: before publishing, check the Variables and Data Layer tabs in Preview for any value that could identify a person, and make sure it is not riding along in a hit.

Key takeaway

Keep raw PII out of analytics, redact it from URLs, hash it where it is genuinely needed, and limit access to the data you do keep.