Observatory training | digital.gov.au

June Observatory Training

Google Analytics training: upcoming sessions

Using the Comparisons feature in GA4 for Government, July 24th 10:30-11:30
Custom Dimensions for beginners in GA4, August 21st 10:30-11:30
Creating content groups in GTM - September 25th 10:30-11:30
Custom metrics for beginners in GA4 - October 23rd 10:30-11:30
GA4 Key events for government - November 20th 10:30-11:30
GA4 feature roundup and year in review - December 4th 10:30-11:30

Managing Data Deletion Requests

Why would you need to delete data?

GA & your responsibilities

Managing accounts, properties, user access and data. It is a requirement under the Observatory Terms of Service to regularly review accounts and properties.
Ensuring that information captured in Google Analytics is not personally identifiable and that all employees and contractors comply with the Australian Privacy Principles and obligations under the Privacy Act 1988 (Cth).
Following the Observatory Terms of Service, Google Analytics Terms of Service and Google Cloud Platform Terms of Service information relating to privacy.
Undertaking an independent privacy threshold / impact assessment.
Compliance with the Information Security Manual (ISM), which includes not storing personal or sensitive information on Google Analytics or Google Cloud Platform Services, and protecting information from cyber threats.
Google is constantly changing and while we do our best to keep you informed, it is your responsibility to monitor for product, privacy and security updates which may impact your privacy and security assessments and agency risk tolerance.

What is PII and where it can show up in GA4

PII is any information that could be used on its own to directly identify, contact, or precisely locate an individual. This includes:

Email addresses
Mailing addresses
Phone numbers
Precise locations (such as GPS coordinates)
Full names or usernames

PII may also include other types of information that are considered personal or sensitive under the Australian Privacy Act, such as:

A person’s name, signature, home address, email address, telephone number, personal IP address, date of birth
Health information, bank account details, credit information and employment details
Sensitive information’ (includes information or opinion about an individual’s racial or ethnic origin, political opinion, religious beliefs, sexual orientation or criminal record, provided the information or opinion otherwise meets the definition of personal information)

Why you should care:

You are obligated to comply with the Privacy Act, as previously discussed, and to protect user privacy
Google policies mandate that no data be passed to Google that Google could use or recognise as PII
Continued collection of PII data in a GA4 property can result in suspension and/or permanent deletion of that property by Google
As such, it’s crucial you regularly check your property for PII and delete any data that may contain it

In GA4, PII may occur in:

Page URLs and titles
Campaign (UTM) dimensions (e.g. Source, Medium, Keyword, Campaign, Content, Term)
Site search dimensions
Event dimensions (e.g. Event Name and Event Parameters)
Any other fields where users can input information, and this is sent to GA4
Custom dimensions, if using
User IDs, if using
Data imports, if using

As GA4 records all URLs visited by users, it will also record URLs that potentially have PII in them. This can happen on forms, or any sections of a website where the user is required to provide information. If the user submits PII such as their email address, name, etc. as part of a form submission, site search, and so on, that data may be sent to GA4 (within a page URL, an event or custom dimension, and so on). While on-site design features and GA configurations can be used to limit such vulnerabilities, individual agency Privacy Notices should clearly outline the type of data that could be collected, and also call out any potential inadvertent mechanisms for data collection.

How to access the data deletion feature and what are the prerequisites?

To access the data deletion feature in GA4, you need to have Editor or Admin access to the property. You can check your access level by going to Admin > Data Deletion Requests. If the option is greyed out, you do not have the required access level.

If you have the required access level, you can click on Data Deletion Requests and then click on Schedule Data Deletion Request to start the process.

How to make a data deletion request step-by-step

There are four steps to make a data deletion request in GA4:

Select the deletion type
Select the deletion range
Select the deletion filter
Confirm the data deletion request

Let’s go through each step in detail.

This is where you need to specify what type of data you want to delete from your GA4 property. There are four options to choose from:
- Delete all parameters on all events
- Delete all registered parameters on selected events
- Delete all selected parameters on all events
- Delete selected registered parameters on selected events
- Delete selected user properties
To understand these options, you need to have a basic understanding of the GA4 data structure, which consists of events and event parameters, and users and user properties.
Events and event parameters
Events are any user action on your site/app that is tracked in GA4. These can include page views, link clicks, downloads, video plays, or form submissions, and more. Event parameters are additional information that is associated with each event, such as the page title, page URL, link URL, engagement time, etc. For example, a page_view event fires each time a page is viewed on your site, and it may have parameters such as page_location, page_referrer, and page_title.
Users and user properties
Users are individual people who visit your site/app and are tracked in GA4. User properties are attributes that describe each user, such as their country, browser, language, device category, etc. For example, a user may have a user property of country with a value of Australia. User properties can also be customised to capture specific information about your users, such as their preferences, interests, or behaviours.
Deletion type options
Depending on what type of data you want to delete, you can choose one of the following options:
- Delete all parameters on all events: This option will remove all the event parameters from all the events in your GA4 property. This means you will lose all the context and details about the events that happened on your site/app. You will only know how many events of each type occurred, but not any other information about them. This option is not recommended unless you want to delete all your data.
- Delete all registered parameters on selected events: This option will remove all the event parameters from the events that you select in your GA4 property. This means you will lose all the context and details about the selected events that happened on your site/app. You will only know how many events of the selected types occurred, but not any other information about them. This option may be useful if you want to delete data from specific events that are not relevant or useful for your analysis.
- Delete all selected parameters on all events: This option will remove the event parameters that you select from all the events in your GA4 property. This means you will lose some of the context and details about all the events that happened on your site/app. You will still know how many events of each type occurred, and some information about them, but not the information that is contained in the selected parameters. This option is recommended if you want to delete data that may contain PII or other unwanted data, such as page URLs, link URLs, site search terms, etc.
- Delete selected registered parameters on selected events: This option will remove the event parameters that you select from the events that you select in your GA4 property. This means you will lose some of the context and details about the selected events that happened on your site/app. You will still know how many events of the selected types occurred, and some information about them, but not the information that is contained in the selected parameters. This option may be useful if you want to delete data that is specific to certain events, such as custom dimensions, custom parameters, etc.
- Delete selected user properties: This option will remove the user properties that you select from all the users in your GA4 property. This means you will lose some of the attributes that describe your users, such as their country, browser, language, device category, etc. You will still know how many users visited your site/app, and some information about them, but not the information that is contained in the selected user properties. This option may be useful if you want to delete data that may contain PII or other unwanted data, such as user IDs, custom user properties, etc.

This is where you need to specify the time range for the data deletion request. You can choose a start date and an end date for the deletion, or select all time to delete all the data in your GA4 property. The time range must be within the data retention period of your GA4 property, which is usually 14 months by default. You can check your data retention settings by going to Admin > Data Settings > Data Retention.

This is where you need to specify the filter for the data deletion request. You can choose to delete data from all streams in your GA4 property, or select specific streams to delete data from. Streams are the sources of data that are sent to your GA4 property, such as your website, app, or Firebase project. You can check your streams by going to Admin > Data Streams.
If you choose to delete data from specific streams, you can also apply additional filters to narrow down the data deletion request. You can filter by:
- Event name: The name of the event that you want to delete data from, such as page_view, click, scroll, etc.
- Event parameter name: The name of the event parameter that you want to delete data from, such as page_location, link_url, engagement_time_msec, etc.
- Event parameter value: The value of the event parameter that you want to delete data from, such as [URL], mailto:info@example.com, 3000, etc.
- User property name: The name of the user property that you want to delete data from, such as country, browser, language, device_category, etc.
- User property value: The value of the user property that you want to delete data from, such as Australia, Chrome, English, desktop, etc.
You can use the filter operators to match the exact value, or use the contains, starts with, or ends with operators to match partial values. You can also use the and/or operators to combine multiple filters.

Once you have selected the deletion type, range, and filter, you can click on Schedule Request to confirm the data deletion request. You will see a confirmation message that shows the details of your request and warns you that the data deletion is irreversible. You will also see a note that you have one week to review and cancel the data deletion request before it is permanent. Click on Confirm Data Deletion to proceed.

How to preview and cancel data deletion requests

After you have confirmed the data deletion request, you can go back to the Data Deletion Requests page and see the status of your request. You will see a list of all the data deletion requests that you have made, and their status, such as:

Preview active: This means that the data deletion request is in the seven-day grace period, and you can preview the effect of the request on your reports before it is permanent. You can also cancel the request during this period.
Deletion in progress: This means that the data deletion request is being processed and the data is being removed from your GA4 property. You cannot cancel the request during this period.
Deletion completed: This means that the data deletion request has been completed and the data has been removed from your GA4 property. You cannot undo the request after this period.

To preview the effect of a data deletion request, you can click on the Preview Active status and then click on Preview Request. You will be taken to the Analysis Hub, where you can see how the data deletion request will affect your reports. You can compare the data before and after the deletion, and check if the data that you want to delete is removed as intended. You can also use the Analysis Hub to create custom reports and analyses to preview the data deletion request.

To cancel a data deletion request, you can click on the Preview Active status and then click on Cancel Request. You will see a confirmation message that asks you to confirm the cancellation. Click on Confirm Cancellation to proceed. You will see a message that says that the data deletion request has been cancelled and the data will not be deleted from your GA4 property.

Best practice tips for data deletion and data quality

Data deletion is a useful feature to remove unwanted data from your GA4 property, but it should not be the only way to ensure data quality and privacy. Here are some best practice tips to help you manage your data in GA4:

Regularly check your GA4 property for PII or other unwanted data, and delete it as soon as possible. You can use the Analysis Hub to create custom reports and analyses to identify PII or other unwanted data in your GA4 property.
Sanitise the tracking of forms and other data points on your website to ensure that any personal information submitted is either redacted or substituted before it is sent to GA4. You can use Google Tag Manager or other methods to modify the data before sending it to GA4.
Review your GA4 configuration and implementation to ensure that you are not collecting or sending any PII or other unwanted data to GA4. You can use the Debug View or the Tag Assistant to check the data that is being sent to GA4.
Review your GA4 account and property settings to ensure that you are following the best practices for data retention, data sharing, user access, and user consent. You can use the Admin section to check and update your settings.
Review your agency Privacy Notice and Terms of Service to ensure that they are clear and transparent about the type of data that you collect and use, and the potential mechanisms for data collection. You can also provide users with options to opt out of data collection or request data deletion.

Observatory