
Cookieless Analytics & Data Minimization

ISMS Copilot uses PostHog for product analytics in full cookieless mode with in-memory persistence only. No cookies or browser storage are written to your device, demonstrating our commitment to data minimization and privacy-first design.

How Cookieless Analytics Works

Our PostHog implementation is configured to maximize user privacy while still allowing us to improve the platform:

  • Cookieless mode: Always enabled—no tracking cookies are set in your browser

  • In-memory persistence: Session data exists only in browser memory and is lost on page reload

  • No individual tracking: PostHog counts aggregate usage (like "50 people viewed this page") but creates no individual user profiles. You're never tracked as a specific person across sessions.

  • Server-side hashing: Anonymous usage counts rely on privacy-preserving server-side hashing, not client-side identifiers

Zero persistent tracking: When you close your browser or refresh the page, all analytics session data is immediately cleared. Even when logged in, we only see aggregate numbers—not individual behavior patterns.
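To illustrate the server-side hashing described above, the following added example (not ISMS Copilot's or PostHog's code) counts unique visitors using a salt that rotates daily. The hash inputs (IP, user agent, host), the `CookielessCounter` class and the sample requests are assumptions made for the illustration.

```javascript
// Added illustration: cookieless unique counting with a daily rotating salt.
// Hash inputs (IP, user agent, host) are assumptions, not taken from the page.
const crypto = require("node:crypto");
class CookielessCounter {
  constructor() {
    this.salts = new Map(); // day -> random salt, held only in memory
    this.seen = new Map();  // day -> Set of visitor hashes
  }

  saltFor(day) {
    if (!this.salts.has(day)) this.salts.set(day, crypto.randomBytes(32));
    return this.salts.get(day);
  }

  // Derive the per-day visitor hash. The raw IP and user agent are used
  // transiently here and are never stored.
  visitorHash(day, { ip, userAgent, host }) {
    return crypto
      .createHmac("sha256", this.saltFor(day))
      .update(JSON.stringify([host, ip, userAgent]))
      .digest("hex");
  }

  record(day, request) {
    if (!this.seen.has(day)) this.seen.set(day, new Set());
    this.seen.get(day).add(this.visitorHash(day, request));
  }

  uniqueVisitors(day) {
    return this.seen.has(day) ? this.seen.get(day).size : 0;
  }

  // Once the salt is deleted, the day's hashes cannot be recomputed from
  // an IP address or linked to hashes from any other day.
  expire(day) {
    this.salts.delete(day);
  }
}

// Constructed sample requests (documentation-range IPs).
const alice = { ip: "203.0.113.7", userAgent: "Firefox/128", host: "app.example" };
const bob = { ip: "198.51.100.9", userAgent: "Chrome/126", host: "app.example" };
function demo() {
  const c = new CookielessCounter();
  [alice, alice, bob].forEach((r) => c.record("2025-01-01", r));
  c.record("2025-01-02", alice);
  const linkable = c.visitorHash("2025-01-01", alice) === c.visitorHash("2025-01-02", alice);
  return { day1: c.uniqueVisitors("2025-01-01"), day2: c.uniqueVisitors("2025-01-02"), linkable };
}
```

Within one day a repeat visitor collapses into a single hash, while the same visitor on the next day produces an unrelated hash, so the counts stay aggregate without any client-side identifier.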

PostHog Dashboard Configuration

Our PostHog instance is configured with the following privacy-first settings:

  • Cookieless server hash mode: Enabled

  • Discard client IP data: Enabled (no IP address logging)

  • EU Cloud: Frankfurt, Germany (GDPR-compliant infrastructure)

  • Session replay: Disabled (we never record your screen or keystrokes)

  • Heatmaps: Disabled (no detailed interaction tracking)

Technical Implementation

The cookieless configuration is implemented directly in our application code:

cookieless_mode: 'always'

This configuration ensures that PostHog operates in the most privacy-respecting mode possible while still providing aggregate usage insights that help us improve the platform.

Data Minimization Principles

Cookieless analytics directly supports GDPR's data minimization principle (Article 5(1)(c)), which requires that personal data be:

  • Adequate: Sufficient for understanding product usage

  • Relevant: Only features and error patterns, not personal browsing habits

  • Limited: No unnecessary identifiers like cookies, IP addresses, or device fingerprints

By using in-memory persistence and server-side hashing, we collect only what's needed to measure aggregate platform health and feature usage—without creating persistent user tracking profiles.

What We Track

With cookieless analytics, we collect:

  • Anonymous page views and feature usage counts (via server-side hashing)

  • Error events and performance metrics (anonymized)

  • Session duration (in-memory only, cleared on reload)

  • For authenticated users only: User ID (UUID) to understand logged-in feature usage

What We Don't Track

  • Cross-session behavior (session data is cleared on reload)

  • IP addresses (discarded by PostHog)

  • Browser fingerprints or device identifiers

  • Conversation content or uploaded documents (never shared with analytics)

  • Detailed user interactions like clicks, scrolls, or form inputs (heatmaps disabled)

  • Screen recordings or keystroke logging (session replay disabled)

While cookieless mode significantly enhances privacy, it does mean that some analytics features (like detailed user journey tracking) are intentionally unavailable. We've chosen privacy over detailed tracking.

EU Data Residency

All PostHog analytics data is processed and stored in:

  • Location: Frankfurt, Germany (AWS EU-Central-1)

  • Provider: PostHog EU Cloud

  • Compliance: GDPR-compliant infrastructure with no data transfers outside the EU

Comparison to Traditional Analytics

| Feature | Traditional Analytics | ISMS Copilot (Cookieless) |
| --- | --- | --- |
| Tracking cookies | ❌ Persistent cookies | ✅ No cookies |
| Cross-session tracking | ❌ Tracks across visits | ✅ Session-only (memory) |
| IP address logging | ❌ Often logged | ✅ Discarded |
| User profiles | ❌ Anonymous + identified | ✅ Identified only (logged-in) |
| Data location | ⚠️ Varies (often US) | ✅ EU only (Frankfurt) |
| Session replay | ⚠️ Often enabled | ✅ Disabled |

Why This Matters

Cookieless analytics reflects our broader commitment to:

  • Privacy by design: Building data protection into our technical architecture, not as an afterthought

  • Transparency: Openly documenting exactly what we track and how

  • Data minimization: Collecting only what's necessary for product improvement

  • User control: Ensuring analytics cannot be used to track individual behavior across sessions

If you have questions about our analytics practices or want to understand how specific features are measured, contact support through the Help Center.
