Plausible Analytics Privacy Policy
TL;DR: For plausible.io visitors, we do not use cookies and we do not collect any personal data. If you decide to create an account, we ask for the bare minimum and only share it with services that are absolutely necessary for the app to function.
At Plausible Analytics, we are committed to complying with GDPR, CCPA, PECR and other privacy regulations on our website and in our analytics product. The privacy of your data — and it is your data, not ours! — is a big deal to us.
In this policy, we lay out what data we collect and why, how your data is handled and your rights to your data. We promise we never sell your data: never have, never will.
If you have placed the Plausible Analytics script on your website, take a look at our data policy for details on the information we do collect about your website visitors on your behalf.
Data controller
Plausible Insights OÜ
Tartu, Estonia
Contact: privacy@plausible.io
For full company details, see our imprint
Two types of data we handle
There are two distinct types of data in Plausible Analytics:
-
Website visitor data (your visitors):
This is the data collected via the Plausible script on your site. This data is processed entirely within the European Union and never leaves the EU. -
Customer account data (you as a customer):
This includes your email address, billing details and support communication. To operate our service, we use a small number of trusted external service providers, some of which may process data outside the EU with appropriate safeguards in place.
Data processing roles
For website visitor data collected on behalf of your website, Plausible acts as a data processor.
For customer account data (such as account details, billing and support communication), Plausible acts as a data controller.
For more details, see our Data Processing Agreement.
As a visitor to the plausible.io website
The privacy of our website visitors is important to us so we do not track individual people. As a visitor to the plausible.io website:
- No personal data about visitors is collected or stored
- No information such as cookies is stored in the browser
- No information about visitors is sold, and any processing is limited to trusted service providers where necessary to operate the service
- No information is shared with advertising companies or used for advertising purposes
- No information is mined and harvested for personal and behavioral trends
- No information is monetized
We use Plausible Analytics to collect some anonymous usage data for statistical purposes. The goal is to track overall trends in our website traffic, not to track individual visitors. All the data is in aggregate only.
Data collected includes referral sources, top pages, visit duration, information from the devices (device type, operating system, country and browser) used during the visit and more. You can see full details in our data policy.
As a customer and subscriber of Plausible Analytics
Our guiding principle is to collect only what we need and to process this information solely to provide you with the service you signed up for.
We use a small number of trusted external service providers for certain service offerings. These service providers are carefully selected and meet high data protection, data privacy and security standards.
We only share information where necessary to provide the service and contractually require them to keep this information confidential and to process personal data only according to our instructions.
Legal basis for processing (GDPR)
We process personal data under the following legal bases:
- Contract: to provide the Plausible Analytics service, including account access, billing and essential functionality such as maintaining logged-in sessions
- Legitimate interest: to operate and improve our website and services
What we collect, what we use it for and services we use
An email address is required to create an account. You need to provide us with your email address if you want to create a Plausible Analytics account. That’s so you can log in and personalize your account, and so we can send you invoices, updates or other essential information.
A persistent first-party cookie is stored to keep you logged in. This is necessary for the service to function and so you don’t have to log in on each returning session.
All of the data that we collect is kept fully secured, encrypted and hosted on 100% renewable energy powered servers in Falkenstein, Germany. The servers are owned by Hetzner, a European company. Your site data never leaves the EU.
We use Bunny (a European provider based in Slovenia) for CDN, DNS and DDoS protection.
We use UpCloud (a European provider based in Finland) for database hosting and storage of data exports.
The payment process is handled by Paddle, our payment provider.
Transactional emails and email reports are sent using Postmark. We have disabled both open tracking and link tracking on all emails.
We use Gravatar to get your account profile picture via a proxy to ensure no personal data is exposed.
We use DuckDuckGo to get your site favicon via a proxy.
If you choose to import Google Analytics data or use integrations, you connect your Google account to Plausible. Google may share account-related data with us to provide the service.
When you contact support, we store correspondence to provide help and maintain context. We use Help Scout.
When you submit feedback, we store it to improve our product. We use Nolt.
We use hCaptcha to protect against spam.
For blog subscriptions, we use Mailchimp. We have disabled both open tracking and link tracking on all emails.
For more details on our subprocessors, see our Data Processing Agreement.
International data transfers
Where we use third-party providers outside the European Union, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.
Retention of data
We retain your information for as long as your account is active and as necessary to provide you with the service.
We do not retain personal data longer than necessary to fulfill the purposes described in this policy, unless a longer retention period is required by law.
You can delete your Plausible Analytics account at any time. All your data will be permanently deleted without undue delay upon account deletion.
Your rights
You have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion of your data
- Object to processing where applicable
To exercise any of these rights, contact us at privacy@plausible.io.
Changes and questions
We may update this policy as needed to comply with relevant regulations and reflect any new practices. Whenever we make a significant change, we will announce it on our company blog or social media profiles.
Contact us at privacy@plausible.io with any questions, comments or concerns.
Last updated: March 2026
Clarifications only. No material changes to data collection or processing.
