Hunor.digital
← All guides
Guide · Hub E

GDPR-compliant analytics, without the theater

Compliance lives in what actually fires, not in what the banner claims. Most GDPR analytics problems are engineering problems wearing a legal hat: verify at the network level, fix the leaks, then let a lawyer map the obligations. I map the technical truth; I am not a lawyer.

Lázár Hunor · Digital FixerLast reviewed 05 Jul 2026
The short answer

GDPR-compliant analytics means what actually fires on your site matches what users consented to and what your privacy policy declares. Most setups fail at the first step: the consent banner blocks the tags its plugin knows about while others fire anyway. Compliance is verified in the network tab, not on the settings page.

Most consent banners are decorative. They were installed, not designed: the plugin blocks the tags it knows about, everything else fires anyway, and the privacy policy describes a site that stopped existing two redesigns ago. Nobody notices until a user complains or a data protection authority writes a letter, and a letter is a genuinely bad way to find out what your tags do.

The position this hub argues

Three things, consistently:

One boundary, stated plainly: I map what your site technically does with data. What that means for your legal obligations is your lawyer's half of the job. The good ones are worth it, and they cannot inspect network requests any more than I can interpret case law.

Start with what your consent banner isn't blocking: it is the most common failure, and you can test it yourself in fifteen minutes. If what you find worries you, the Compliancy audit is a flat €500 and one to two days, tag by tag.

Explore the cluster