How we protect your data edit

We do everything in our power to keep your data safe. We collect the bare minimum amount of data required to give you a broad picture of your website’s visitors and even go a few steps further.

Data processing 

We never collect IP addresses or any form of personal data. Therefore, there is no need for a data processing agreement concerning personal data. We are aware that we still collect (non-personal) data. We do everything in our power to keep your data safe. We collect the bare minimum amount of data required to give you the insights you need. 

Data Hosting Infrastructure

The data we collect belongs to you. We only collect non-personal data and don’t share the data with third parties or transfer it overseas. Your website data never leaves The Netherlands and, therefore, the E.U.  Also, no other third-party vendors have access to any data outside the hosting company that owns the servers on which the data is stored.

The data is hosted fully secured and encrypted in The Netherlands, part of the EU. Worldstream and Leaseweb own the servers, both dutch companies that adhere to EU law and GDPR policy. 

We use a CDN for most of our customers. The CDN is called Bunny CDN and is part of a company called BunnyWay, located in Slovenia, part of the EU. Simple Analytics and Bunny CDN have signed a written agreement protecting data exits.

Data Security

Simple Analytics (and our hosting parties) possess organizational and technical measures to protect the data. All data is kept fully protected and encrypted. This is how we make sure your data is secure and exclusively processed by European companies. Any questions related to our security policy and measures can be sent to

Data Retention

In order to provide our service, Simple Analytics will retain your data for as long as your account is active. We won’t store your data longer than necessary. Once you delete your account, you can export your data and delete the data from our servers. The data will be deleted immediately when you delete your account (but will be permanently deleted after 90 days).

No data transfer to the US

We don’t transfer your visitors’ data outside of the EU. This includes no data transfer to the United States of America.

The EU-US Privacy Shield Framework was invalidated by the Court of Justice of the European Union. Called the “Schrems II” decision, which refers to the ruling that transferring data to US providers violates GDPR regulation. This has been the ruling since July 2020. We have been compliant since the start of our business in 2018.

Are you coming from Google Analytics? Please read our blog post on the differences between Google Analytics and Simple Analytics. You can import your Google Anlaytics data into Simple Analytics.

Protecting your privacy

What do we do to protect your privacy and that of your visitors?

  1. We only collect what we need and nothing more. This data probably won’t be of much interest to thieves.
  2. You are in control of your data, and you can download or delete it at any time. We don’t own any of it.
  3. The drives storing your data are fully encrypted. If anybody did manage to steal them, they’d be useless.
  4. We will never sell your data. Because, once again, it’s yours!