February 02, 2022
February 02, 2022
What is a cookie?
Cookies are files or text files that contain small amounts of information that are downloaded and stored on the user's device, through their browser, when they visit a web page.
Cookies can be categorised according to the purpose they serve. There are cookies that are strictly necessary for the website to function. Other cookies collect statistical information to analyse the use of the website and its performance, to ensure the availability of additional features to the website, or to save the visitor's preferences, regarding navigation, whenever using the same device. Finally, there are cookies that may serve to measure the success of applications and the effectiveness of third-party advertising.
What are cookies used for?
The main objective of cookies is to simplify navigation and allow the user to make better use of the website. For this purpose, the user gets recognised whenever they access the site. This eliminates the need to enter the same information repeatedly and leads to faster, more efficient, and better quality navigation. The information collected by cookies also helps webmasters to improve a website by enabling them to monitor the web pages on the website.
We, committed to our privacy statements, have no interest in collecting the cookies of our users. As such, we use a tool that ensures all the site measurements are carried out absolutely anonymously, but we want you to be informed of the process.
What do we measure with Plausible Analytics?
We use Plausible Analytics to measure data on our website. Plausible Analytics is an “open-source project dedicated to making web analytics more privacy-friendly.” We use Plausible Analytics to measure only the most essential data points and nothing else and, despite not being considered Personal Data, we want you to be aware of this.
So you’re fully aware of how we use Plausible Analytics to measure data, below we’ve provided the complete list of what we do collect and store (even though it’s is not considered, technically, a cookie technology) about our website visitors:
- Page URL: We track the page URL of each page view on our website. We use this to check which pages have been viewed and how many times a particular page has been viewed. The hostname and path are collected. Query parameters are discarded, except for these special query parameters: ref=, source=, utm_source=, utm_medium= and utm_campaign=.
- HTTP Referer: We use the referrer string to tell us how many visitors have been referred to our website from links on other sites.
- Browser: We use the referrer string to show us the number of visitors referred to our website from links on other sites.
- Operating system: We use this to understand what operating systems people use when visiting our website. We show the brand of the operating system and the version number. This is derived from the User-Agent HTTP header. The full User-Agent is discarded.
- Device type: We use this to know what devices people use when visiting our website. This is derived from window.innerWidth. The actual width of the browser in pixels is discarded.
- Visitor Country: We look up the visitor’s country of origin (the country they are in when they access our website) using the Plausible tool to check the IP address of the visitor. We do not track anything more granular than the country of origin and the IP address of the visitor is discarded. We never store IP addresses in our database or logs.
As an IP address might be considered as Personal Data (if known with any technical change) we use Plausible Analytics, to maintain a reasonable balance between de-duplicating pageviews and staying respectful of visitor privacy.
How we ensure a balance between de-duplicating pageviews and visitor privacy
Every single HTTP request sends the IP address and the User-Agent to the server, so that's what we use to ensure a balance between de-duplicating pageviews and visitor privacy. We generate a daily changing identifier using the visitor’s IP address and User-Agent. To anonymize these datapoints and make them impossible to relate back to the user, we run them through a hash function with a rotating salt.
This generates a random string of letters and numbers that are used to calculate unique visitor numbers for the day. The raw data IP address and User-Agent are never stored in our logs, databases, or anywhere on disk at all.
Old salts are deleted every 24 hours to avoid the possibility of linking visitor information from one day to the next. Deleting used salts also removes the possibility of the original IP addresses being revealed in a brute-force attack. The raw IP address and User-Agent are rendered completely inaccessible to anyone, including ourselves.