Not collecting any information would be silly for an analytics tool. We do collect information that is necessary to show you the simple analytics. But unlike other analytics tools, we don’t collect more than absolutely necessary. Here is a list of what we do collect from our users.
We don’t collect and store IPs
We drop the IP address from request. We don’t hash them with cryptography. We just don’t save or collect them. Period.
Update: Nov 21, 2019. Just to be completely transparent: we found IPs in our logs when requests on our server were failing. We fixed this by filtering all log messages and replace IPs with zero’s using mmanon. Now all IPs (like
2606:4700:4700::1111) will become
0:0:0:0:0:0:0:0before it enters our logs.
We collect and store if visits are unique
We detect a unique visit based on the hostname of the referrer of the page. If a user comes from one domain to another it shares the previous domain with the next via a so called referrer. If the domain is the same as the one in the referrer we know it’s a non-unique visit.
Read more on how we register unique pages views.
We collect and store timestamps
We use timestamps to show you the graphs. We store this data because we want to be able to show the information of previous days as well.
We collect and store user agents for a maximum of 90 days
We detect and exclude bots and spiders based on the User Agent. We don’t believe this data is useful for any other function, but we keep it in our logs (not database) for 90 days. When an incoming request fails for some reason we store the request body in our logs. After 90 days the logs are deleted including the user agents. We don’t use User Agents for fingerprinting, rather only for showing the OS, device, and browser version.
Update: Jan 14, 2019. Previously, we didn't store the User Agents, but now we save failed requests to our logs, so we added this as a clarification to the paragraph above.
We partly collect and partly store URL’s
Too much information in the URL can be confusing and can make your stats messy. So we only collect and store the first part of the URL. If an URL looks like this
https://example.com/index.html?search=keyword#top we will only store
https://example.com/index.html. Also known as the protocol, hostname, and pathname.
We collect and partly store referrer’s
Referrers answer the question “Where did the visitor come from?”. We have two ways of checking the source of a user that visited your website.
First of all; With most requests, browsers send the URL of the previous website as a referrer. Second; website owners can add a URL param (
utm_source=...) in the links they post elsewhere. The URL param can also be called
source=.... In case we get the referrer via the browser (with full URL) we store it the same as URLs (see above). You can find a list of the most popular referrers in your analytics dashboard.
We collect and store device dimensions
With the collection of dimensions of the browser window (
window.innerWidth) we can show the most popular screen sizes. This is useful for you so you can make sure your website works great on all of those dimensions.
Do Not Track
We skip when Do-Not-Track is enabled
The Do Not Track setting requests that a web application disables either its tracking or cross-site user tracking of an individual user. We never track your users, but by default we also skip requests with Do-Not-Track enabled. The stats will not include visitors when Do-Not-Track is enabled. Read more on how to disable this behavior.