GDPR Compliance

Analytics is designed to be GDPR-compliant by default. No cookie banners required.

What is GDPR?

The General Data Protection Regulation (GDPR) is a comprehensive data protection law in the European Union that came into effect on May 25, 2018. It gives individuals control over their personal data and imposes strict requirements on organizations that process personal data.

How Analytics is GDPR Compliant

✓ No Personal Data Collection

Analytics does not collect any personally identifiable information (PII). We don't collect names, email addresses, IP addresses (only hashed) or any other personal data from your website visitors.

✓ Cookieless Tracking

Our tracking is 100% cookieless. We use a privacy-friendly visitor identification method based on daily-rotated hashes of IP addresses and user agents. No cookies means no consent banners required.

✓ No Cross-Site Tracking

We never track users across different websites. Each website's analytics data is completely isolated.

✓ IP Address Anonymization

IP addresses are never stored in raw form. We create a SHA-256 hash of IP + User Agent + Date with a daily-rotating salt. This makes it technically impossible to identify individual users.

✓ EU Data Storage

All data is stored on secure servers within the European Union, ensuring compliance with GDPR data transfer requirements.

✓ Data Ownership

You own 100% of your data. We never sell, share or use your analytics data for any purpose other than providing the service to you.

✓ Easy Data Export & Deletion

You can export or delete your data at any time from your dashboard, complying with GDPR's "right to access" and "right to erasure" requirements.

Legal Basis for Processing

Under GDPR Article 6, the legal basis for processing analytics data is:

Legitimate Interest (Article 6(1)(f))

Website owners have a legitimate interest in understanding their website traffic to improve their services. Since Analytics doesn't collect personal data and uses privacy-friendly methods, the processing is proportionate and doesn't override visitors' rights.

This means you can use Analytics without obtaining explicit consent from your website visitors, as long as you inform them about the analytics in your privacy policy.

Do You Need a Cookie Banner?

🎉

No Cookie Banner Required!

Since Analytics doesn't use cookies, you don't need a cookie consent banner for our analytics tracking.

Under the ePrivacy Directive (Cookie Law), websites must obtain consent before storing or accessing information on a user's device. Since Analytics is cookieless, this requirement doesn't apply.

However, you should still mention the use of Analytics in your privacy policy to be transparent with your visitors.

Data Subject Rights

GDPR gives individuals several rights regarding their personal data. Since Analytics doesn't collect personal data from website visitors, most of these rights don't apply:

ℹ️

Right to Access

Not applicable - we don't store personal data that could be linked to individual visitors.

ℹ️

Right to Rectification

Not applicable - no personal data is stored.

ℹ️

Right to Erasure

Not applicable - since visitor hashes rotate daily and can't be traced back to individuals, there's no personal data to erase.

ℹ️

Right to Object

Visitors can block our tracking script using browser extensions or privacy settings if they wish.

For website owners: You have full control over your analytics data and can exercise all GDPR rights from your dashboard.

Privacy Policy Template

We recommend adding this section to your website's privacy policy:

Analytics

We use Analytics, a privacy-friendly web analytics service, to understand how visitors use our website. Analytics does not use cookies and does not collect personal data.

The data collected includes:

Pages visited
Anonymized location data (country/city)
Device type and browser (anonymized)
Referrer source

All data is anonymized and cannot be used to identify individual visitors. For more information, see PureStats' GDPR Compliance.

Data Protection Officer

If you have questions about GDPR compliance or data protection, you can contact our Data Protection Officer:

Email:
Address: PureStats Data Protection Officer, Berlin, Germany

GDPR Compliance Comparison

Feature	PureStats	Google Analytics	Traditional Analytics
No Cookies	Yes	No	No
No Personal Data	Yes	No	Varies
No Consent Required	Yes	No	No
EU Data Storage	Yes	No (US)	Varies
Data Ownership	You Own It	Google Owns It	Varies
IP Anonymization	Default	Optional	Varies

Start Using GDPR-Compliant Analytics

No cookie banners. No consent required. Just simple, privacy-friendly analytics.

Join Open Beta - FREE

100% FREE during Open Beta • No credit card required