As advised by lo in the video that I link to you in the dedicated section , in addition to the correctly configured passage to GA4 (provided that you are performing the asynchronous blocking of scripts and cookies, and comply with all the other provisions of the GDPR), there is it is the advice to have an approach not only of privacy by design, but of transparency by design.
This means actively and comprehensively informing the user of what data is collected, to which servers it is sent, for what reason, and what the problem is, the "threat", and asking the C Level Contact List user for his/her consent to send it anyway. these data. If the user expresses his consent, the lawyer claims, this bypasses the problem of exporting the data. I have spoken to many lawyers on the topic.
Some of them assert that Article 49 is only applicable to non-programmatic data exports, others argue that it can be applied. To avoid misunderstandings, we at Fuel LAB use the above solution, and we informed you about it during your first visit Hard Solution: Same as above, plus Server Side Tracking and data cleansing However, even by implementing this first solution, personal data.