Skip to main content

Privacy‑first Website Analytics, Without the Creepiness

· 3 min read

privacy lock and data

Most teams want trustworthy product signals without shadow‑tracking their users. This post outlines how to run a privacy‑first analytics stack that is cookie‑less, IP‑anonymized, and compliant by default — and how Tianji helps you ship that in minutes.

What “privacy‑first” really means

  • No third‑party cookies or fingerprinting
  • IP and geo anonymization at ingestion time
  • Minimization and aggregation by default (store only what you act on)
  • Short retention windows with configurable TTLs
  • Clear data governance: self‑hosted or region‑pinned

you are being watched vs privacy

Privacy is not the absence of insight. It is the discipline to collect the minimum, aggregate early, and keep identities out of the loop unless users explicitly consent.

What you still get (and need) for product decisions

analytics dashboards

  • Page views, sessions, referrers, UTM cohorts (sans cookies)
  • Conversion funnels and drop‑offs on critical paths
  • Lightweight event telemetry for product behaviors
  • Country/region trends with differential privacy techniques
  • Content insights that help editorial and SEO without tracking people

How Tianji implements privacy by design

Tianji bundles Website Analytics + Uptime Monitor + Server Status into one platform, so you get product and reliability signals together — without data sprawl.

  1. Cookie‑less tracking script with hashing and salt rotation
  2. IP truncation and geo mapping via in‑house database
  3. Aggregation and TTL policies at the storage layer
  4. Self‑host, air‑gapped, or region‑pinned deployments
  5. Open APIs and export for audits

See docs: Website Tracking Script, Telemetry Intro, and Server Status Reporter.

Deployment options (pick your trust boundary)

on‑prem server lights

  • Self‑host with Docker Compose for full data control
  • Region‑pinned cloud install if you prefer managed ops
  • Hybrid: analytics in‑house, public status pages outside

Install in minutes:

wget https://raw.githubusercontent.com/msgbyte/tianji/master/docker-compose.yml
docker compose up -d

Default account is admin/admin — remember to change the password.

Policy templates you can copy

Use these defaults to start, then tighten as needed:

  • Retention: 30 days for raw events, 180 days for aggregates
  • IP handling: drop last 2 octets (IPv4) or /64 (IPv6)
  • PII: deny‑list at ingestion; allow only hashed user IDs under consent
  • Geography: pin storage to your primary user region
  • Access: least privilege with audit logging enabled

Implementation checklist

  • Map your product’s critical funnels and decide what to measure
  • Deploy Tianji with cookie‑less website tracking and telemetry events
  • Turn on IP truncation, geo anonymization, and retention TTLs
  • Build cohorts by campaign and page groups, not people
  • Review monthly: decision value vs. data cost — trim aggressively

Closing

privacy culture

Privacy‑first analytics is not just possible — it’s the default you should expect. With Tianji, you get actionable product and reliability signals without surveilling users. Less creepiness, more clarity.