[HN Gopher] Show HN: Google Analytics alternative with the most ...
       ___________________________________________________________________
        
       Show HN: Google Analytics alternative with the most generous free
       tier
        
       Hi HN,

       As an indie hacker, the new Google Analytics (GA4) coming
       motivated me to look for a straightforward alternative that would
       also be affordable. I had a few basic product requirements and
       didn't want to spend too much to replace a free product. There are
       a lot of great Google Analytics alternatives out there, but the
       pricing didn't seem right. As someone who likes to just build
       things, many of which aren't businesses yet, it didn't make sense
       to pay for options like Plausible and Fathom out of the gate.

       So I joined with a friend to build Beam Analytics. Beam gives you
       all the standard web analytics. It also comes with easy-to-create
       funnels so you can see how users move through your site. And we
       have a great proxy for cohort retention that doesn't need you to
       log any data with us. It's cookie-less and GDPR compliant.

       The free tier is 100k page views per month so hopefully you'll
       give it a try. There's also a WordPress integration to make
       integrating with WordPress sites as easy as a single click -
       https://wordpress.org/plugins/beam-analytics/.

       Appreciate your feedback. You can also email us at hi (at)
       beamanalytics.io or DM me on twitter @TheBuilderJR.
        
       Author : flurly
       Score  : 37 points
       Date   : 2023-04-12 13:40 UTC (1 days ago)
        
 (HTM) web link (beamanalytics.io)
 (TXT) w3m dump (beamanalytics.io)
        
       | [deleted]
        
       | openplatypus wrote:
       | How do you justify GDPR compliance?
       | 
       | GDPR compliance is not to be confused with privacy.
       | 
       | You don't have a Data Protection Officer (even if you have one,
       | you ought to publish their details). Neither does Plausible.
       | 
       | Your privacy policy lacks details, e.g., where you process data
       | and what the data retention is.
       | 
       | You are incorporated in a country that is not an Adequate Country,
       | meaning you face challenges becoming GDPR-compliant without
       | additional measures that span beyond SCCs. Similarly to Fathom (BC
       | is not under PIPEDA, hence is not adequate).
       | 
       | Privacy-friendly? Probably. GDPR-compliant? No.
        
         | shll wrote:
         | Hi - this is the other co-founder of Beam. Thank you for your
         | comments and questions.
         | 
         | 1. We are incorporated in the UK. I could be wrong but I think
         | the European Commission did indicate that the UK was an
         | Adequate Country?
         | 
         | https://commission.europa.eu/law/law-topic/data-protection/i...
         | 
         | 2. For the details that our privacy policy lacks, I think they
         | can be found in our Data Policy. Any further issues, please let
         | us know.
         | 
         | https://beamanalytics.io/data
         | 
         | 3. On the Data Protection Officer, I think one is only needed
         | if sensitive data on a large scale is processed.
         | 
         | https://commission.europa.eu/law/law-topic/data-protection/r...
         | 
         | The definition of sensitive data can be found on this EU site
         | and Beam does not process any of this type of data.
         | 
         | https://commission.europa.eu/law/law-topic/data-protection/r...
        
           | ceejayoz wrote:
           | Re-read that link at #3. Here's the key bit.
           | 
           | "its core activities involve processing of sensitive data on
           | a large scale ---> OR <--- involve large scale, regular and
           | systematic monitoring of individuals"
           | 
           | Any analytics provider is fundamentally doing "large scale,
           | regular and systematic monitoring of individuals".
        
           | openplatypus wrote:
           | 1. My apologies. I was looking at the link from WordPress.
           | Right. As a UK entity you are good.
           | 
           | 2. Your subprocessor uses AWS. No way to stay compliant if
           | you transmit the visitor IP to a US cloud (even if they use
           | European servers).
           | 
           | 3. Sadly, wrong. You should immediately consult a privacy
           | professional. A DPO is necessary. There are 3 tests.
           | 
           | https://ico.org.uk/for-organisations/does-my-organisation-ne...
           | 
           | Answer to question 2 is yes btw.
           | 
           | You are not compliant without a DPO and because you are using
           | AWS, even if indirectly.
        
             | neom wrote:
             | Are you saying there is _no way_ to use AWS and be GDPR
             | compliant? Or the way that OP is using AWS isn't GDPR
             | compliant?
        
             | shll wrote:
             | Thank you for your follow up.
             | 
             | 1. Glad we're in agreement!
             | 
             | 2. We agree it is not GDPR compliant to transmit IP address
             | data to the US. This is why we salt and hash all PII data
             | so no IP address data is sent to the US. Please see our
             | data policy.
             | 
             | https://beamanalytics.io/data
             | 
             | 3. Thank you for your suggestion. We have already consulted
             | privacy professionals and have been assured no DPO is
             | required.
             | 
             | Thank you for this conversation about GDPR. We appreciate
             | your interest in Beam's work.
        
         | mattw2121 wrote:
         | This is exactly why I ignore the GDPR.
        
       | Nextgrid wrote:
       | > GDPR compliant.
       | 
       | The simple fact of sending PII such as IP addresses to a
       | third-party for something that can trivially be done via
       | analyzing existing server logs (without introducing a
       | third-party) already puts this on shaky grounds from a GDPR point
       | of view regardless of everything else.
        
         | zkid18 wrote:
         | People sometimes mix the terms and occasionally confuse the
         | terminology, as they often associate GDPR with the concept of
         | "not needing a consent banner." So, yes, you don't need to ask
         | for consent to collect IP addresses to use in analytical
         | purposes or logging. Consent (Article 6 (1)a [0]) is indeed one
         | of the conditions that can be used to comply with the GDPR
         | requirement that processing must be lawful. Still, there are
         | other conditions available to the controller to ensure lawful
         | processing. There are alternatives (before the list of
         | conditions, it says that "at least one of the following" must
         | be satisfied). Logging IP addresses for security is an
         | extremely widespread practice. It is a legitimate interest to
         | comply with standard security practices.
         | 
         | The GDPR mandates that the entire data processing cycle
         | maintain a high standard of data protection. This implies that
         | personal data transfers to non-European nations are allowed
         | only if they ensure an adequate level of data protection.
         | Otherwise, contractual agreements (SCCs) between data exporters
         | and importers may translate GDPR's provisions into an
         | enforceable agreement with the foreign importer, ensuring their
         | processing aligns with GDPR.
         | 
         | The US had an adequacy decision termed "Privacy Shield," which
         | was revoked due to concerns surrounding the rule of law
         | vis-a-vis US mass surveillance laws. Due to similar reasons,
         | contracts with US-based data importers may also be invalid.
         | Additionally, using EU-based services from US-controlled
         | companies is increasingly becoming worrisome.
         | 
         | Beam's approach relies on a weaker variant, which leverages a
         | hash function to derive a pseudo-random ID from
         | user-identifying information, such as the IP address. Although
         | Beam's technique circumvents the need for a large lookup table,
         | an unscrupulous server operator could log the daily key and use
         | it to recover the original data from hashed IDs.
         | 
         | The flaw in this approach is that it still hinges on
         | identifying data. While it serves as a good compliance and
         | security measure, it doesn't alter anything significant from
         | GDPR's standpoint. The same applies to competitive solutions
         | like Plausible or Fathom.
         | 
         | Disclaimer: Consult with your legal; I am just a product guy.
         | Explored the field to do a similar product a while ago.
         | 
         | [0] https://gdpr-info.eu/art-6-gdpr/
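
The point in the comment above about a daily key and hashed IDs, as an added example that is not part of the thread and not Beam's code. The scheme (HMAC-SHA256 over IP and user agent with a per-day random key) and every name in it are assumptions, since the page does not describe the actual construction; the visitor data is constructed.

```python
import hashlib
import hmac
import ipaddress
import secrets

# Constructed sample visitor (documentation address range, made-up user agent).
SAMPLE_IP = "203.0.113.57"
SAMPLE_UA = "Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0"


def visitor_id(daily_key: bytes, ip: str, user_agent: str) -> str:
    """Assumed scheme: keyed hash over identifying inputs, truncated to an ID."""
    msg = f"{ip}|{user_agent}".encode()
    return hmac.new(daily_key, msg, hashlib.sha256).hexdigest()[:32]


def key_holder_can_link(daily_key: bytes, stored_id: str, network: str,
                        user_agent: str):
    """Audit check: can whoever holds the key map a stored ID back to an
    address in a known range? A non-None result means the ID is
    pseudonymous, not anonymous."""
    for addr in ipaddress.ip_network(network).hosts():
        candidate = visitor_id(daily_key, str(addr), user_agent)
        if hmac.compare_digest(candidate, stored_id):
            return str(addr)
    return None


class DailyKeyring:
    """Keeps only the current day's key; rotation overwrites the old one."""

    def __init__(self):
        self._day, self._key = None, None

    def key_for(self, day: str) -> bytes:
        if day != self._day:
            self._day, self._key = day, secrets.token_bytes(32)
        return self._key


if __name__ == "__main__":
    ring = DailyKeyring()
    key = ring.key_for("2023-04-12")
    stored = visitor_id(key, SAMPLE_IP, SAMPLE_UA)
    net = "203.0.113.0/24"
    print("key retained:", key_holder_can_link(key, stored, net, SAMPLE_UA))
    rotated = ring.key_for("2023-04-13")  # previous key no longer held
    print("after rotation:", key_holder_can_link(rotated, stored, net, SAMPLE_UA))
```

The ID only stops being linkable once the key it was derived under no longer exists anywhere, which is why logging or backing up the daily key defeats the scheme.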
        
       | mNovak wrote:
       | Appreciate the free tier. I seem to recall looking around at
       | analytics options and them being too expensive for my idle
       | projects.
       | 
       | Is there more documentation on "custom events" (listed on the
       | pricing page)? I assume this is just an API I can arbitrarily
       | ping. Can that be used for cohort/funnel analysis instead of a
       | /page; e.g. for a single-page app?
        
         | flurly wrote:
         | Yes absolutely! You can use custom events in both funnels and
         | cohort analysis. You can read more about it here
         | https://beamanalytics.io/blog/custom-events-on-beam
        
       | williamstein wrote:
       | I'm interested in Beam Analytics partly because I personally find
       | the new Google Analytics 4 user interface (especially around
       | cohorts) to be surprisingly frustrating to use, and I have used
       | the previous versions of Google Analytics for 10+ years. Is it
       | just me, or did Google Analytics 4 also just get redesigned in a
       | strangely more frustrating way?
        
         | twelve40 wrote:
         | it's unusable! I'm sure _someone_ can use it, but the old one
         | needed almost no explanation, and this... I'm definitely
         | shopping around now
        
       ___________________________________________________________________
       (page generated 2023-04-13 23:00 UTC)