There is a very simple static website for a commerce. That website only shows information. It haves google analytics to count visits with the default GA script placed in :
<head>
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','https://www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-XXXXXXX-1', 'auto');
ga('send', 'pageview');
</script>
</head>
As you can see, is the default script that google gives you for a simple integration of GA in your website, and it's placed in the default place (header).
Now it haves a lower bar displaying this:
This website uses 'cookies' for your navigation. By using our services you accept their use. If you want to restrict the use of cookies, click on More information.
That bar haves two buttons, "accept" and "More information". Accept simply hides the bar forever, and more information displays the legal info of the commerce and tells the users that it is using google analytics to track the visits, and that google analytics uses cookies. Also, tells the user that he can remove the cookies and prevent the website collecting cookies disabling it in the navigator, and gives the user some links with official help about how to disable and remove cookies for a website in four big navigators (firefox, chrome, IE, safari).
Is enough with that to be compliand with GDPR in this very simple website which only uses GA to track visits?
