Personally Identifiable Information (PII), hashing and Google Analytics

Sending PII to Google Analytics

Google has a strict policy prohibiting sending Personally Identifiable Information (PII) to Google Analytics.

This is necessary to provide GA reports around the world, yet comply with country regulations about storing personal information.  Even if you send personal information accidentally, Google may be forced to delete all of your analytics data for the time range affected.

This policy has recently tightened to state:

You may not upload any data that allows Google to personally identify an individual (such as names and email addresses), even in hashed form.

A number of our clients are using a hashed email as the unique identifier for logged in users, or those coming from email campaigns.  If so, this needs be a minimum of SHA256 hashing (not MD5 hashing), with a ‘salt’ to improve the security – check your implementation meets the required standard.

If you want to check if personal information affects your analytics, we now include checking for PII in our complete Google Analytics audit.

Google’s best practice for avoiding this issue is to remove the PII at the source – on the page, before it is sent to Google Analytics.  But it may be hard to hunt down all the situations where you accidentally send personal data; for example, a form which sends the user’s email in the postback URL, or a marketing campaign which add the postcode as a campaign tag.

We have developed a tag manager variable that does this removal for you, to avoid having to change any forms or marketing campaigns which are currency breaking the rules.

Steps to setup

1. Copy the script below into a new custom Javascript variable in GTM

function() {

// Modify the object below to add additional regular expressions
var piiRegex = {
//matches emails, postcodes and phone numbers where they start or end with a space
//or a comma, ampersand, backslash or equals
"email": /[\s&\/,=]([a-zA-Z0-9_.+-]+\@[a-zA-Z0-9-]+\.[a-zA-Z0-9-.]+)($|[\s&;\/,])/,
"postcode": /[\s&\/,=]([A-Z]{1,2}[0-9][0-9A-Z]?(\s|%20)[0-9][A-Z]{2})($|[\s&\/,])/,
"phone number": /[\s&\/,=](0[0-9]{3,5}(\s|%20)?[0-9]{5,8}|[0-9]{3}-[0-9]{4}-[0-9]{4})($|[\s&\/,])/

// Ensure that Page URL Variable is updated to match the Variable in your
// GTM container to retrieve the full URL
var dl = {{Page URL}}

var dlRemoved = dl;
for (key in piiRegex) {
dlRemoved = dlRemoved.replace(piiRegex[key], 'REMOVED');
return dlRemoved;

Screen Shot 2016-08-03 at 10.50.50

2.Check {{Page URL}} is set up in your GTM container

This is a built-in variable, but you’ll need to check it under the variables tab.

Screen Shot 2016-08-03 at 10.49.39

3. Change the pageview tag to override the standard document location, and use the variable with PII removed

 set field name

By default, Google Analytics takes the location to be whatever is in the URL bar (document.location in Javascript).  You will over-ride that with the PII-safe variable.

Common reasons for tracking events
Ecommerce tracking

Common reasons for tracking events

In this article, you will learn why it is important to track the events that

Attributing goals and conversions to marketing channels
multi- channel attribution in Google Analytics

Attributing goals and conversions to marketing channels

On most websites, the conversion journey involves many different routes and

You May Also Like