This page provides answers to the most frequent questions on data privacy and compliance when using Powermetrics on your website.
How does Powermetrics comply with the GDPR?
Powermetrics is GDPR compliant by design, because we do not collect any personal data or personally identifiable information.
Does Powermetrics require user consent or a cookie banner?
There's no need for a cookie banner, privacy notice, or pop-up. We neither generate nor store any device-persistent identifier, and we refrain from using cookies, browser cache, or local storage for processing information on the visitor's device.
To make things quick and easy for you, we prepared a template to get you started:
Does Powermetrics transfer data outside of the EU?
No, we don't transfer your data outside of the EU. This includes no data transfer to the United States of America. You don't have to worry about Schrems II and that it invalidates the EU-US privacy shield. All data that we collect is kept only on servers in Frankfurt (Germany).
Furthermore, all our hosting providers fully support the GDPR and comply with its provisions.
Do I fully own my Data?
Yes, with Powermetrics, you always retain 100% ownership of your tracking data. Here's what we mean by that:
- Your data is yours. We simply store it on our cloud servers when you use our hosted service.
- We claim no rights over your website data and never sell or share it with third parties.
- Your data isn't shared with advertisers or any other companies. It's not mined for trends, nor monetized.
- You have the freedom to delete your account or specific site stats whenever you choose. Once deleted, the data is gone forever, and we cannot retrieve it.
How does Powermetrics count unique users without cookies?
Powermetrics values privacy. While many analytics tools store persistent identifiers in browsers to identify unique and returning visitors, these are considered personal data under GDPR. To solve this conflict, we implemented tracking in way that respects user privacy but still provides some insights into unique visitor patterns. Here is how it works:
When a visitor interacts with your site, their IP address and User-Agent are naturally included in the standard HTTP request that is send to the server. We use this information and run it trough a hashing function to produce a daily, non-personal identifier through a hashing process that includes a daily rotating salt.
This ensures the data is thoroughly anonymized, creating an untraceable string that prevents any personal identification. Most importantly, we never store the original IP addresses or User-Agents in any logs, databases, or elsewhere. Each day, to further secure privacy, we delete the salts, making it impossible to reverse-engineer or link visitor data across days.
In terms of counting, if the same visitor browses your site multiple times within a day, we record it as one unique visitor. However, visits across different days or devices will always count separately.