Lightstats
Sign in Start free

Legal

Privacy Policy

Last updated: June 6, 2026

Introduction

Lightstats ("we", "our", "us") provides cookie-free web analytics and uptime monitoring. This policy explains what data we collect, why, and how we handle it. We are committed to keeping analytics data minimal while protecting both our customers and their website visitors.

Website visitor data (analytics)

When our customers add the Lightstats tracking script to their websites, we collect the following data about their visitors:

  • Page URL and referrer
  • Browser type and operating system
  • Device type (desktop, mobile, tablet)
  • Country of origin (derived from IP, then discarded)

Lightstats analytics is designed not to store:

  • Full IP addresses in analytics reports (IP may be processed transiently for country lookup and by security/CDN infrastructure)
  • Analytics cookies or local storage
  • Personal identifiers in visitor analytics reports (names, emails, etc.)
  • Cross-site or cross-device advertising profiles

Lightstats analytics is cookie-free and does not use fingerprinting. Depending on how customers use the service and their own legal basis, this may reduce or remove the need for analytics consent banners, but customers are responsible for their own compliance obligations.

Customer account data

When you create a Lightstats account, we collect:

  • Name and email address
  • Password (stored securely hashed, never in plain text)
  • Billing information (processed by Stripe — we never see or store your card details)

We use this data solely to provide and manage your account and subscription.

Data hosting

Application data is stored on servers located in the European Union. We may use infrastructure and security providers, including CDN/WAF services, to deliver and protect the service; those providers may process technical request data such as IP addresses and security logs according to their own data processing terms.

Third-party services

  • Stripe — payment processing. Subject to Stripe's Privacy Policy.
  • Maileroo — transactional email delivery.
  • Cloudflare — CDN, DNS, security, and WAF protection. Cloudflare may process technical request and security data to deliver and protect the service.

We do not sell personal data or use visitor analytics data to build advertising profiles.

Data retention

Analytics data is retained for as long as your account is active. If you delete your account, all associated data is permanently removed within 30 days.

Your rights

Under GDPR, you have the right to access, correct, export, or delete your personal data at any time. To exercise these rights, contact us at [email protected].

Contact

If you have questions about this policy, email us at [email protected].