Back to blog

Anonymous tracking: How to do useful analytics without personal data

Analytics Data privacy & security

Written by , , ,

Published July 4, 2023 · Updated November 14, 2023

Anonymous tracking: How to do useful analytics without personal data

When running into the many restrictions on collecting and using personal data in web analytics, you might be asking yourself: Can I do useful web analytics without personal data?

The simple answer is yes. Although you won’t be able to draw the same conclusions as with personal data tracking, anonymous data collection methods absolutely do provide you with valuable insights into user behavior.

Regulations worldwide, like GDPR or the ePrivacy Regulation, set a high bar for collecting user data. For one, GDPR requires consent to process the data if it’s reasonably likely that such data could be used to identify an individual. The problem is that consent opt-in rates vary between 30% and 70% depending on the industry. 

The solution? 

Anonymizing data about users who don’t consent to personal data processing.

pro tip

If you want to use data about your visitors who don’t consent, the data must be properly anonymized. 

This won’t be the case with Google Analytics.

Analytics platforms featuring anonymous data collection, such as Piwik PRO, offer a viable path to processing user data instead of an all-or-none choice based on consent.

The core benefits of anonymous data from a privacy and regulatory perspective include:

  • You are not dealing with personal data because there is no visitor identification. 
  • You are not using data collected for other purposes (for instance, Google uses the data for advertising and to improve its services).
  • You are not transferring data outside the EU.

Anonymous tracking – how it really works

Piwik PRO gives you three anonymous tracking methods to choose from:

Anonymous tracking with cookies and session data

In this scenario, Piwik PRO deploys a cookie that collects session data but no personal data. The session lasts 30 minutes, after which the web browser removes the identifier.

In this case, session tracking collects events and binds them into a session. The individual cannot be identified or tracked across sessions, so a user can’t be identified as a returning visitor.

The major advantage of this approach is that it gives you more trustworthy data than any other anonymous data tracking method. This method doesn’t create duplicate sessions. Plus, if a visitor decides to grant consent during their session, the session identifier turns into a first-party tracking cookie that will last longer than 30 minutes.

This is a good approach if you need to comply with strict privacy laws.

Anonymous tracking without cookies but with session data

In this method, Piwik PRO deploys an identifier in the form of a session hash. No cookies are created or stored in visitors’ browsers.

The session hash is temporary and kept for 30 minutes after the visitor’s last action. This type of identifier isn’t persistent or used for any analysis.

The platform collects only session data, without personal data. The session hash ties events, such as page views, to one session. 

The major advantage of this method is that it’s permissible under several privacy and cookie regulations, such as German’s TTDSG. The downside is that it is less precise in differentiating visitors, meaning sessions of different visitors may be glued together. The severity of this issue depends on the industry.

Piwik PRO uses a session hash instead of device fingerprinting, which is a more privacy-friendly way to recognize visitors’ sessions.

Anonymous tracking without cookies or session data

This method can’t identify an individual and can’t be used to pinpoint a single session. There are many pieces of data this approach doesn’t track, such as time spent on page, bounce rate, user flows, funnels or channel attribution. 

It’s the strictest way to collect anonymous data, and removes the risk of breaching privacy laws. Despite the lack of visitor and session data, this method is still useful in many business use cases.

Here is a summary of these anonymous data tracking methods:

Piwik PRO tracking methods Anonymous data tracking with cookies and session data Anonymous data tracking without cookies but with session data Anonymous data tracking without cookies or session data
Tracking technology First-party session cookie and session hash Session hash
Visitor data
Session data
Event tracking
New vs. returning visitors
Consent mechanism You can choose full visitor data tracking for visitors who consent and anonymous data tracking for those who ignore the banner or don’t consent You can choose full visitor data tracking for visitors who consent and anonymous data tracking for those who ignore the banner or don’t consent No consent required
All traffic
Traffic sources
Visitor’s location Country, continent Country, continent Country, continent
Channel attribution Last-click Last-click

All three anonymous tracking methods work under the following conditions:

  • The geolocation is based on anonymized IP addresses or is deactivated.
  • No personal data is tracked and stored in the database without explicit consent.
  • Visitors who don’t consent appear as one-time visitors and can’t be identified across sessions, and their actions can’t be tied across multiple sessions. You won’t be able to determine if actions were performed by a returning visitor.

The lack of persistent tracking means your data can’t be used for certain marketing activities, such as:

  • Long-term personalization.
  • Remarketing.
  • Attribution of conversions to actions taken over several visits.

But there are still many ways you can use anonymous data in marketing.

You can get the most value from the two tracking methods that bind the collected event data into sessions. Whether you use the solution with a cookie or session hash depends on your preference and your company’s situation. For example, a session hash will be a safer choice if you are subject to strict cookie laws. 

On the other hand, full anonymous tracking only collects events, making it a more limited source of information. But it still works when session or user-level data isn’t necessary.

How to use anonymous analytics data in your marketing activities

With all the technicalities explained, it’s time to show you some use cases for working with anonymous data.

You will be able to track the following information:

  • Actions performed by users, such as the number of visitors, page views, conversions and time spent on the site. In most cases, you will be able to credit these actions to a single visitor. You’ll know that an anonymous visitor performed actions A, B, and C during their session.
  • Basic attribution – How visitors got to your site, such as through organic search, ad, email campaign, etc.
anonymous tracking in piwik pro
Anonymous tracking in Piwik PRO

Let’s look at a specific case:

A visitor enters a tracked website from Google organic search and doesn’t give consent. They visit a page with an article and read it, view a banner with the promo code for subscribing to a newsletter, then subscribe to the newsletter. After a few hours, they enter the website once more, view a product list, and make a purchase.

Here is what this visitor’s actions will look like for each type of anonymous tracking.

Cookies and session hash

  • The visitor’s IP address is completely erased. 
  • Geolocation is limited to the country level. 
  • The visitor’s actions create a session.
  • The visitor completes a goal: subscribes to the newsletter.
  • The visitor enters a funnel defined for the tracked website.
  • During the subsequent session, the user is not recognized as a returning visitor.
  • The visitor’s purchase is not attributed to Google organic search channel – it’s classified as Direct.
  • Most metrics in Audience, Behavior, and Video Overview are accurate.

No cookies but session hash

This option works in a similar way to the one with cookies and session hash. Due to the nature of cookies, the method with cookies is more resistant to cases when browser setup or IP address changes. Thus, in some cases, the option without cookies and with session hash can be a bit less accurate.

No cookies, no session hash

With this method:

  • The visitor’s IP address is completely erased. 
  • Geolocation is limited to the country level. 
  • The visitor’s actions do not create a session.
  • The visitor completes a goal: subscribing to the newsletter. The goal is not assigned to a specific session.
  • The visitor does not enter a funnel defined for the tracked website.
  • During the subsequent session, the visitor is not recognized as a returning visitor. 
  • The purchase is attributed to the Direct channel. 
  • Metrics like the number of page views, downloads, outlinks, site searches, and custom events (event-scoped metrics) appear correctly.

Anonymous tracking and personal data tracking: a hands-on use case

Now, let’s say a visitor ignores the consent banner, browses for 15 minutes and then consents for you to use their personal data for personalization. 

The data from those 15 minutes of browsing can now be added to their record using a cookie with a longer lifetime – in the case of Piwik PRO, it’s 12 months.

Initially, such data was anonymous, but now it can be used for personalization every time this person visits your website.

Can a website visitor block anonymous tracking?

Since one of the methods is based on a session cookie, you may wonder if it will still work if the visitor blocks cookies, for example, through their browser settings or an ad blocker. There are a few things to clarify:

  1. Most of the tracking cookies contain personal data, but there are exceptions. The session identifier cookie, which Piwik PRO uses for anonymous data collection, doesn’t collect any personal data, as the web browser automatically deletes it after 30 minutes. It’s unlikely to identify a person based on the actions taken on a single website.
  2. In many EU countries, privacy-friendly analytics is exempted from the consent requirement. For example, CNIL, the French data protection authority, has added Piwik PRO Analytics Suite to the list of analytics platforms that can be used to collect data without consent, given a certain configuration and set of limitations.
  3. First-party cookies are rarely blocked. Browsers and ad blocking software are getting more successful in detecting third-party scripts. That said, analytics experts estimate that only about 1% of Internet users deactivate JavaScript or block all cookies. And if that’s not enough, you can always switch to the session identifier without a cookie.

Analytics without personal data – a long history and a promising future

Although anonymous data collection is still rare in web marketing and analytics, it has a long and effective history in other fields. 

Companies need to respond to the data privacy demands of Internet users around the world. Luckily, anonymous data collection methods, like the ones available in Piwik PRO Analytics Suite, will be your friend in achieving it. 

Learn more about privacy-compliant ways to collect analytics data:


David Street

Writer, marketer and data+stats specialist with a left and a right brain | LinkedIn profile

See more posts by this author


Karolina Lubowicka

Senior Content Marketer and Social Media Specialist

An experienced copywriter who takes complex topics of data privacy & GDPR and makes them understandable for all. LinkedIn Profile

See more posts by this author


Sebastian Synowiec

Content Marketing Specialist

Sebastian throws user experience, web analysis and data protection into a pot and shakes it up with creative writing. At Piwik PRO, he delivers easy to read content about new developments and complex topics for various target groups.

See more posts by this author


Małgorzata Poddębniak

Senior Content Marketer

Senior content marketer at Piwik PRO, copywriter, translator and editor. She started as a freelancer, gaining experience with creating versatile marketing content for various channels and industries. Later, she began working as a translator and editor, specializing in academic articles and essays, mainly in the field of history and politics. After becoming interested in SEO, she moved on to work as a content writer for a technical SEO agency. While there, she designed the company newsletter and planned and created in-depth articles, practical guides, interviews, and other supporting marketing materials. She joined Piwik PRO with extensive knowledge of technology, SEO, and digital marketing. At Piwik PRO, she writes about analytics, privacy, marketing, personalization, and data management and explains product best practices and industry trends for different industries.

See more posts by this author