docs
At mandera analytics, we collect the necessary information to provide you with valuable insights while maintaining the highest privacy standards for your visitors. Here’s a comprehensive overview of what we do and don’t collect.
Privacy isn’t just a feature – it’s our foundation. We’ve built mandera analytics with a strict privacy-first approach that ensures:
We never set any cookies or use similar technologies. Cookies can track visitors across multiple pages or even multiple websites – this is a hard no for us. This includes:
We drop the IP address from every single request. Period. We don’t save them, we don’t collect them, and we don’t hash them with cryptography. Your visitors remain completely anonymous.
Our unique visit detection is truly unique. Instead of using invasive methods like cookies or IP addresses, we detect unique visits based on the referrer domain. When a user comes from one domain to another, their browser shares the previous domain. If the current page’s domain matches the referrer, we know it’s a non-unique visit.
We collect timestamps to generate your analytics graphs and allow you to analyze changes in your website’s performance over time. This data is completely anonymous and cannot be tied to individual visitors.
We collect anonymized user agent data only to:
We automatically anonymize user agent strings by truncating version numbers. For example:Chrome/78.0.3904.108 becomes Chrome/78.0.0.0
Unlike services that use IP addresses for geolocation, we determine a visitor’s country based on their timezone. This provides country-level insights without compromising privacy. We can’t and don’t track cities or regions within countries.
We collect basic device dimensions (viewport and screen size) to help you understand how your website appears across different devices. This information is purely technical and cannot identify individual visitors.
We measure actual engagement time, not just open tabs. Our time-on-page metric:
We collect referrer information to show you where your traffic comes from. For UTM tracking, we collect:
For SPAs, we automatically handle unique visit detection and page transitions without compromising privacy.
We respect the Do Not Track browser setting by default. While we never track individual users anyway, we exclude these visits entirely from your analytics when Do Not Track is enabled.
Our tracking script is lightweight (3kb) and designed for maximum performance. We send minimal script settings with each page view to:
All data is processed with privacy in mind:
Your analytics data is:
By choosing mandera analytics, you’re not just choosing an analytics tool – you’re choosing a privacy-first approach to understanding your website’s performance. We believe in providing valuable insights without compromising visitor privacy, and every feature we build reflects this commitment.
______
How We Track
At mandera, we approach things differently. Our priority is to protect the privacy of your visitors while staying compliant with strict (and necessary) privacy laws. This means some of our statistics work differently from what you might be used to.
We record page views because it’s easy to do without compromising privacy. Tracking unique visits, however, can be more invasive. Traditional analytics tools use cookies to identify unique visits, storing them on a visitor’s computer. This allows tracking over long periods, which is highly intrusive.
Some privacy-focused tools improve this slightly by using hashes of a visitor’s IP address combined with a date. While better for privacy, it’s still not ideal. At mandera, we take it a step further.
We do not use cookies (or any kind of storage), fingerprinting, or PII data.
Under a European court ruling, pre-ticked cookie consent forms are no longer allowed under GDPR. In the UK, PECR (the privacy directive) already made this clear. Both laws also explicitly forbid visitor fingerprinting.
Many analytics providers rely on fingerprinting techniques, like using IP addresses, to track users. Although this may appear privacy-friendly, it’s considered fingerprinting and requires consent.
When a visitor moves from one website to another, their browser sends a referrer. For example, if someone visits randomwebsite.com and then navigates to yourwebsite.com, the browser sends randomwebsite.com as the referrer to yourwebsite.com. This information helps identify where traffic is coming from, and we use it to determine if a visit is unique. When the referrer doesn’t match your website, we count the first pageview as a new visitor.
A direct visit occurs when a user lands on your website by typing the URL into their browser or when the previous page does not send a referrer. In that case, we also count the first pageview as a visitor.
This happens when users navigate within your website. Once the first visitor is recorded, any additional pageviews during the session are counted as pageviews, not visitors. As a result, only pages with no referrer or a referrer from another website can be counted as visitors.
Time on page helps measure how engaged your visitors are with your content. We care about numbers being close to real-world scenarios. When a visitor is on a page, we collect the amount of time the page is actively viewed. If the page is hidden, we don’t count those seconds.
We determine a visitor’s country based on their browser’s timezone. This way, we don’t have to touch their IP address and can still provide geographic insights. This information is limited to the country level – we can’t and don’t track cities or regions within countries.
We collect basic device dimensions (viewport and screen size) and browser information to help you understand how your website appears across different devices. This information is purely technical and cannot identify individual visitors.
This approach to analytics provides valuable insights while maintaining complete user privacy. No consent banners needed, no cookie warnings required, just clean, privacy-friendly analytics.
