Understanding the Legal Issues of Using Google Looker or Power BI for Your Matomo Data

With more organizations turning to visualization platforms like Google Looker and Microsoft Power BI to enhance their analytics, many have begun integrating these tools with their Matomo data. However, what some organizations may overlook is that this practice is likely not compliant with GDPR regulations.
Understanding the Legal Issues of Using Google Looker or Power BI for Your Matomo Data
Tomas Persson
2025-02-17


Why Visualize Matomo Data?

The growing interest in leveraging advanced visualization platforms for Matomo data comes as no surprise. Matomo is a powerful digital analytics platform, but it lacks the sophisticated visualization and insight-generation features. Many organisations look for these feature in platforms like Google Looker or Power BI. 

To be fair, this isn't unique to Matomo; even users of Google Analytics often rely on external visualization tools for enhanced reporting. However, it’s essential to understand the legal implications before exporting data to any third-party service—especially when working with GDPR-compliant platforms like Matomo.

Also Google Looker or Power BI deliver poorly if you look for a data insight platform, something I wrote about before. 

Premium Matomo

Digitalists Matomo SaaS is used by the main players in the Swedish public sector.

We include everything you need:

  • Matomo SaaS
  • Survey Tools
  • Advanced Dashboards
  • Support
  • Access to the markets best web analysts

Starting from 249 € / month

Sharing Data with Third Parties: The Legal Concerns

One of the primary reasons organizations choose Matomo is to ensure compliance with GDPR by avoiding the risks that come with sharing sensitive user data with third-party vendors, such as Google. However, exporting Matomo data to services like Power BI or Google Looker could counteract this very purpose .

Additionally, there's the risk of FISA 702 , a U.S. law that allows government agencies to access data stored in U.S.-based companies, regardless of where their servers are located. This makes exporting your Matomo data to platforms like Google Looker particularly problematic, as it could jeopardize your commitment to data sovereignty and visitor privacy. For organizations that have undergone the effort to migrate to Matomo for stricter privacy control, this is a significant contradiction.

What Does GDPR Say About Sharing Data?

GDPR explicitly outlines rules for processing personal data, and sharing data with a new third party or system often requires explicit user consent . Here's one of the key points from IMY (the Swedish Authority for Data Protection):

Are you processing already collected personal data in new ways?

If you wish to begin processing personal data that you have already collected in some new way, this must be compatible with the original purposes. You can in such cases cite the same lawful grounds as when you collected the data. Remember to inform the data subjects about the new processing of personal data before it begins.

If sharing Matomo data with a platform like Google Looker or Power BI was not explicitly mentioned in your initial data processing purposes, then transferring this data without updated consent likely violates GDPR regulations .

What Does This Mean in Practice?

If you want to use platforms like Google Looker or Power BI to visualize Matomo data:

  1. You need to obtain new user consents explicitly stating that their data will be shared with a third-party organization (like Google or Microsoft).
  2. You cannot legally upload historical data to these platforms, as it was collected without the consent needed for this type of processing or transfer.

The Better Alternative for Privacy-Conscious Organizations

Instead of risking GDPR violations by transferring data to a U.S.-based third party, consider solutions that respect your visitors’ privacy while meeting your visualization needs.

At Digitalist, we’ve developed RebelMetrics , an advanced visualization solution built on the open-source tool Apache Superset. What sets RebelMetrics apart is that it:

  • Keeps all data within the same infrastructure (no unauthorized transfers).
  • Adheres to strict EU data privacy standards.
  • Ensures that no data is shared with external processors or entities outside of your organization’s control.

With RebelMetrics, you can gain actionable insights from your Matomo data without compromising the trust of your users or running afoul of GDPR.

Conclusion

If you’re using Matomo to ensure GDPR compliance and protect the privacy of your visitors, exporting that same data to platforms like Google Looker or Power BI runs counter to those goals. Beyond breaking initial consents, such practices increase the risk of breaching your organization’s data sovereignty and violating GDPR—a law, not a recommendation, as a reminder.

Instead, prioritize solutions that allow you to maintain full control of your data without compromising privacy or legal compliance.



Dela
Taggar
Arkiv
Meet RebelAds a simple, but powerful Ads solution built in to Matomo for maximum privacy
Ads solution are amongst the worst privacy bandits on the internet. When you use an external ads systems on your site, you simply exploit your visitors privacy.