Lawful without consent — even in the strictest EU countries, Germany and Austria. Analyzza Zero measures everything it can, and nothing it shouldn't: no banner, no rejection, no blind spot.
The problem
Because web analytics can reach data three ways — and in 2026 all three familiar routes are problematic. We built a fourth.
Where you ask for consent, 30–70% of visitors reject or click past — they vanish from your stats. You make decisions from a fraction of your traffic, and you know nothing about the very people who leave fastest.
The Austrian DPA and the French CNIL both found its use unlawful; the measurement requires consent, the data travels to the US, and Google also uses it for its own purposes.
Umami and Plausible are a big step — but Umami keeps a visitor trackable for a whole month, and both actively read out the screen size. A strict German lawyer targets exactly these.
The solution
Zero puts nothing on the visitor's device and reads nothing from it. Visitors are told apart by the server, with a mathematical identifier that is destroyed every day.
Every browser sends every website the same things: the page address, the referrer, the language. Zero works only from these — it asks the device nothing, not even the screen size.
The server forms an irreversible identifier from a daily random key. At midnight the key is destroyed: the data becomes permanently anonymous — cross-day tracking isn't a policy, it's a matter of mathematics.
After deriving the country from the IP, nothing of it is kept; from the browser, only the category. What we store can no longer be linked to anyone — so there is nothing to ask consent for.
Comparison
We don't collect less for convenience — we collect exactly as much as is lawful without consent. The difference is in the details.
| Google Analytics | Umami / Plausible | ANALYZZA ZERO | |
|---|---|---|---|
| Needs a cookie banner? | Yes | In theory no — with disputed points | No — designed for it |
| Data loss from rejection | 30–70% | Minimal | Zero |
| Tracking length without consent | Years (unlawful) | Umami: 1 month · Plausible: 1 day | 1 day — or as you set it, per country |
| Device data read-out | Extensive | Yes, from JS | None — only what the browser sends on its own |
| Where is the data? | Google, US transfer | With you (if self-hosted) | On your own EU server, exclusively |
| Regulator's view | DSB (AT) & CNIL (FR): unlawful | No case — but has attackable points | Built for the strictest criteria |
| Blocked by ad blockers? | Yes, en masse | Often (analytics/collect patterns) | No — neutral paths |
| Excluding your own traffic | Complicated | Limited | One click, reversibly |
Features
Legal cleanliness doesn't mean a crippled dashboard. Everything you'd expect from analytics is here.
Visitors, views, sessions, bounce rate, session length — with previous-period comparison.
Referrer pages, UTM campaigns, entry and exit pages.
Country stats without storing the IP, from a local database — no external geo API.
Browser, operating system, device type — as categories, without raw data.
Active visitors and the last 30 minutes' event stream, in real time.
Button click, quote request, download — with a single HTML attribute or JS call.
Doesn't slow the page; tracks SPAs too. Multiple websites on a single dashboard.
Exclude your own machines' traffic with one click — your stats stay clean.
Conversion goals for a page or event, multi-step funnels with drop-off analysis and a daily trend.
A visual path map: in what order they browse the site, where they leave — with clickable links.
Click any row and the whole dashboard filters to it. Combinations can be saved by name and exported to CSV.
Attach properties and amounts to events — see revenue per campaign, not just the click.
Website guarding
Uptime monitoring, expiry watch, instant alerts and a shareable status page — no separate monitoring subscription, in the same tool. None of it touches visitor data.
Minute-precise availability checks with adjustable frequency, expected status code and keyword check — and the reason for a failure, not just the fact of it.
About downtime and recovery via email, webhook, Discord or Telegram — plus a weekly summary in your inbox.
Warns before your certificate or domain expires — and notices if a parking page appears where your site should be.
A beautiful, shareable status page with 90-day history, your own color and logo — your clients can check for themselves that everything works.
Real visitor loading experience (LCP, CLS, INP) — as a daily aggregate only, not linkable to any visitor.
Automatically summarizes each day what moved: trending pages, new sources, visitor spikes — you don't have to spot it yourself.
JavaScript, resource and server-side errors, grouped — as a daily count only, not linkable to any visitor, with the query stripped from URLs.
Compares traffic hourly with the same hour last week — you set how big a drop or spike counts. Broken tracker, outage? You'll know immediately.
Your cron job or backup script pings a URL when it runs — if the signal goes missing, we alert you. Your background jobs are watched too, not just your website.
Team & agency
For your clients as an agency, your colleagues as a team, your systems as a developer — Analyzza Zero gives access, data and reports to each.
Multiple users with roles: the admin manages everything, the viewer only sees assigned sites and can change nothing. Perfect as a client login.
An automatic, beautiful HTML report by email at the start of each month: traffic, top pages, goals, uptime, errors — per site, per user. The client sees what they pay for.
Bring your old stats over: we import Umami, Plausible, GA4 or Matomo exports (CSV) — we recognize the format from the header. No starting from zero.
A keyed REST API for the stats — for your own reports, integrations, dashboards. With documentation and curl examples. It can't write anything, only read.
A built-in URL builder for your ads and newsletters — the tagged campaign shows up in the stats automatically as soon as a click arrives.
Set how long we keep the data — older data is deleted automatically. Less stored data, a stronger data-minimization argument, cleaner compliance.
Flexibility
How conservative the measurement is can be set per website. The default is always the strictest.
Daily recognition window, no storage on the visitor at all. Lawful without consent or a banner even under the strictest practice. This suits most websites.
A longer window — set globally and per country (e.g. Germany: 1 day, elsewhere: 30). The interface shows the legal risk level for every setting.
A built-in, unobtrusive consent request. Whoever accepts is measured across days; about whoever doesn't, no data is collected — a technical guarantee instead of a promise.
Compliance
Not in promises — in architecture. Strict mode rests on three pillars:
The ePrivacy-based rules (German TDDDG §25, Austrian TKG §165) require consent when someone stores on or reads from the visitor's device. Zero does neither.
The request's data (IP, browser) live only for the seconds of processing, in memory — their legal basis is the recognized legitimate interest of audience measurement. Only anonymous data is ever stored.
Once the daily key is destroyed, the earlier data can't be linked to anyone — not by us, not by an authority, not by an attacker. Not a data-handling promise: a cryptographic property.
Zero cookies. Zero banners. Zero data loss. — Analyzza Zero.
Open the dashboard