What we collect edit

Not collecting any information would be silly and unrealistic for an analytics tool. We do collect information that is necessary to show you simple analytics, but unlike other analytics tools, we don’t collect more than absolutely necessary. Here is a list of what we do and don’t collect from your users.

IP addresses

We do NOT collect or store IP addresses

We drop the IP address from every single request. Period. We don’t save or collect them. We don’t hash them with cryptography.

Update: Nov 21, 2019. Just to be completely transparent: we found IPs in our logs when requests on our server were failing. We fixed this by filtering all log messages and replacing IPs with zeros using mmanon. From now on, all IPs (like 1.1.1.1 or 2606:4700:4700::1111) will become 0.0.0.0 or 0:0:0:0:0:0:0:0 before they enter our logs.

Unique views

We do collect and store whether visits are unique

Our unique detection of visits is quite unique itself. Most services use cookies or IP addresses to see if a visitor has visited the website in the past, except we don’t use cookies or IP addresses at all. In the UK, for example, websites can’t use IP addresses (even hashed) without an active opt-in from each user. This is why Simple Analytics is compatible with all existing privacy laws, including GDPR. You don’t need an opt-in for our service.

We detect a unique visit based on the hostname of the referrer of the page. When a user comes from one domain to another, their browser shares the previous domain with the next. If the current page’s domain is the same as the one in the referrer, we know it’s a non-unique visit.

Read more on how we register unique page views.

Timestamps

We do collect and store timestamps

We use timestamps to generate the graphs you see on your dashboard, which allows you to analyze changes in your website’s performance over various lengths of time.

User agents

We do collect and store user agents for a maximum of 90 days

We detect and exclude bots and spiders based on the visitor’s User Agent. We don’t use User Agents for fingerprinting, only for counting operating systems, device sizes, and browsers in your dashboard. We don’t believe this data is useful for any other function, but we keep it in our logs (not database) for a maximum of 90 days. When an incoming request fails for some reason, we store the request body in our logs, which includes a User Agent. After 90 days, these logs are deleted.

Update: Jan 14, 2019. Previously, we didn't store the User Agents, but now we save failed requests to our logs, so we added this as a clarification to the paragraph above.

URLs

We partially collect and partially store URLs

Too much information in the URL can be confusing and can make your stats messy. We only collect and store the first part of the URL. If an URL looks like this https://example.com/index.html?search=keyword#top we will only store https://example.com/index.html, also known as the protocol (https), hostname (example.com), and pathname (/index.html).

Referrers

We do collect and partially store referrers

Referrers answer the question “Where did this visitor come from?”. We have two ways of checking the source of a user visiting your website.

  1. In most cases, browsers send the URL of the previous website as a referrer. We store the referrer the same as URLs (see above). You can find a list of the most popular referrers in your analytics dashboard.
  2. Website owners can add a URL parameter to links to their website, like ref=..., source=... or utm_source=.... This overrides the referrer sent from the user’s browser. Read more on using URL parameters.

Device dimensions

We do collect and store device dimensions

Collecting the dimensions of a user’s browser window (window.innerWidth) allows us to show you the most popular screen sizes. This is useful for making sure your website works great on all screens: phones, tablets, desktops, etc.

Do Not Track

By default we do NOT collect or store any data if a visitor has Do Not Track enabled

The Do Not Track browser setting asks a web application to disable either its own tracking or third-party tracking of an individual user. We never track your users anyway, but by default we also ignore visits with Do Not Track enabled and do not add them to your dashboard. Read more on how to disable this behavior.