Privacy & Security

How we protect your visitors' privacy.

What We Don't Do

  • No cookies — we never set any cookies on visitors' browsers
  • No IP addresses stored — we discard them immediately after processing
  • No cross-site tracking — visitors can't be tracked across different websites
  • No browser fingerprinting — we don't collect device fingerprints
  • No personal data collection — nothing that identifies individuals

How We Count Visitors

When a visitor loads your page, here's exactly what happens:

1. We receive visitor's IP address

Example: 192.168.1.100

2. IMMEDIATELY we remove the last 2 bytes

Result: 192.168.0.0

3. We look up approximate location from this truncated IP

4. We create a session hash:

SHA-256(daily_salt + anonymized_ip + user_agent + website)

5. The original IP is discarded — never stored anywhere

The hash changes every 24 hours (daily salt rotation), so the same visitor gets a new session ID each day. We can count daily unique visitors, but cannot track anyone across days or across websites.

About Location Data

Location is approximate by design

Because we remove the last 2 bytes of the IP address before looking up location, geolocation is only accurate to country or region level — not city or neighborhood.

This is intentional: less precise location = more privacy for your visitors.

What We Store vs. Never Store

We Store (anonymous data)

  • +Page URL visited
  • +Referrer domain (not full URL)
  • +Browser name (Chrome, Firefox — no version)
  • +OS name (Windows, macOS — no version)
  • +Device type (Desktop, Mobile, Tablet)
  • +Approximate country/region

We Never Store

  • IP addresses
  • Cookies or persistent identifiers
  • Full user agent string
  • Personal information of any kind
  • Cross-site tracking data
  • Device fingerprints

GDPR Compliance

No personal data = no consent banner required.

Since we don't collect any data that can identify individuals, GDPR consent requirements don't apply. You can use AICW without adding cookie consent banners or popups.

Data Location

All visitor analytics data is stored exclusively within the European Union:

  • AWS EU-West (Ireland) — compute infrastructure
  • Supabase EU — database
  • Tinybird EU — real-time analytics

Visitor data never leaves the EU.

Analytics that respects your visitors' privacy.

Create Account
Loading PDF…