How HubSpot Adjusted Our Reporting Process After GDPR Changed Its Cookie Consent Laws


This post is a part of Made @ HubSpot, an internal thought series through which we extract lessons from experiments conducted by our very own HubSpotters.

GDPR (General Data Protection Regulation) is an EU law that protects the personal data of EU users and regulates how businesses process and handle this data.

GDPR has been around since May 2018, and per the European Council ruling on October 1, 2019, businesses — including HubSpot — can only drop cookies once a user has given explicit consent (i.e., clicked “Yes” on a cookie banner).

In short, you can’t imply consent if users take no action on the banner and continue to browse the site. Before a site visitor has taken any action, you can only drop “strictly necessary” cookies — cookies that make your website function, such as a shopping cart.

Once the new GDPR ruling was introduced, businesses scrambled to understand how to become GDPR-compliant. This process raised another concern about how the regulation would impact the overall reporting process.

The HubSpot analytics team was no exception when it came to these concerns. We had to brainstorm innovative solutions that could help the team better track users’ data to provide a more intuitive website experience — while still remaining GDPR-compliant.

→ Free Download: Free Marketing Reporting Templates [Access Now]

Before GDPR, HubSpot used Google Analytics (GA) for website reporting and insights for all HubSpot domains — specifically, to track various metrics related to page sessions, button clicks, freemium signups, campaigns, A/B testing, and more.

On October 26, 2019, in response to GDPR, HubSpot implemented a new and improved cookie banner, making our sites fully compliant with the GDPR and cookie consent laws in the EU. This action meant we couldn’t gather data on EU users that accessed a HubSpot website until they explicitly provided consent by clicking “Yes” on the cookie banner.

hubspot website cookie banner gdpr

Image Source

The table below highlights how HubSpot’s traffic was impacted by GDPR. These calculations are estimates based on how many users visit the HubSpot domains from both within and outside the EU.

How did we calculate this multiplier? Download and copy this Google Sheet to learn more.

The HubSpot Analytics team decided to use a mixture of HubSpot Analytics tools and Google Analytics to adjust for the new GDPR policies. Here’s how:

  1. We used HubSpot Analytics as a source of truth for reporting as HubSpot is GDPR-compliant
  2. We used Google Analytics to see all data trends.
  3. We used a multiplier to estimate the traffic we’d inevitably lose and not be able to track in either HubSpot Analytics or Google Analytics.

According to data around user interaction with the cookie policy banner from the HubSpot Google Analytics account, around 31% of users typically accept, 6% decline, and the rest (63%) take no action on the cookie banner. This was an eye-opener as we did not expect that the majority of users didn’t interact with the cookie policy banner at all.

In response, we had to estimate the loss of those non-tracked users on the HubSpot website. We did that by calculating an estimation multiplier. Here’s how:

We assumed that our Accept (31%), Decline (6%), and no action (63%) rates remain the same for the short-term.

  1. We took into consideration historical traffic from GDPR/EU countries on every HubSpot domain from Google Analytics.

With this information, we calculated the multiplier for recovering the loss of traffic (based on users without cookies).

For example, for, we got a multiplier of 1.17:


Users with Cookies

Users Without Cookies

Estimated Traffic Loss



How did we calculate this multiplier? Download and copy this Google Sheet to learn more.

For example, if reported traffic for was 1,000 after the GDPR implementation in Google Analytics (November 1 to November 30), the estimated total traffic would be 1000 x 1.17 = 1,150.

The above method has helped us to estimate traffic loss and minimize the impact of GDPR on our reporting, which has allowed us to keep using Google Analytics for better insights and reporting.

These simple adjustments in reporting using HubSpot Analytics and estimation for Google Analytics helped the HubSpot Analytics team get a better idea of our true website traffic — whether or not visitors took action on the cookie banners.

We hope these suggested methods can help you and your team adjust your reporting and minimize the impact of GDPR.

Originally published Jul 9, 2020 7:30:00 AM, updated July 09 2020

Leave a Reply

Your email address will not be published. Required fields are marked *


SaaStr Podcast #350 with Contentstack Founder & CEO Neha Sampat


Networking Technology: HTTPS