How we use analytics as a privacy focused OSS company
TLDR: Privacy is really important for us at Unleash. Here you will find the full story on how we ended up with an analytics solution that does not collect personal data and has very short retention. Whenever we evaluate a new feature at Unleash, we always start with one question. How does this fit with our values? This question is powerful. It can quickly qualify or disqualify a feature from consideration, putting some amount of work in an explore further bucket and some amount of work in a forget about it bucket.
When it comes to analytics, this has been a very difficult question. On one hand, as a team who cares deeply about their product, we feel the need to become more data-driven in our approach. For example, where to prioritize our efforts, how to figure out what features are being used the most in our product, which screen should we revamp next, and should we even care about mobile for a developer-centric product? As a small team, getting some breadcrumbs on where to focus next, or perhaps more importantly — which questions we should ask — can be very valuable.
On the other hand, we pride ourselves on being a very privacy-focused company. Our product core is open source, which means that you can copy, use and even enhance our code with your own modifications to get the version of Unleash that works best for your use case. This also means that you can self-host unleash and take full control of your data. However, if you don’t want to manage your own instance and instead opt for our SaaS platform — you can rest assured that unleash is architected in such a way that your domain data never leaves your application. We never see any of your data, because all feature toggle evaluation happens locally in the SDKs.
I’m not going to lie. Reconciling our needs with our values has been a challenging effort. We live in n a world where privacy is becoming more and more important, as evidenced by a significant amount of major breaches, and misuse of data in terms of swaying voter opinion in democratic elections.
It’s becoming increasingly obvious that data needs to be protected. For companies, data can represent critical business functions, information about customer relationships, or proprietary information. For the regular consumer, data is deeply personal. It’s about who you are, what your habits are, who in your life is important and what you care about. If we allow bad actors access to this information the consequences for both companies and consumers can be significant. As a SaaS vendor, it’s our responsibility to take these concerns into account when making decisions. It’s unacceptable to compromise on our own values to gain an advantage, which is why this is a decision we have not made lightly.
With this in mind, are there any analytics alternatives that can satisfy these strict requirements? Considering that France, Austria and Netherlands banning google analytics for GDPR violations it’s obvious that traditional analytics providers should deliver higher privacy standards.
How can we make sure that we don’t collect personal data, while still gaining some actionable information about the usage of our SaaS platform?
After evaluating multiple vendors, we eventually landed on Plausible. Here are some of the reasons why we chose this vendor:
- The product is open source, allowing us to self-host Plausible.
- No personal data is collected – Plausible does not track and store any PII
- No tracking across devices
- Data is aggregate only
- Data is only scoped to a single day
- Minimized data collection
- Minimal footprint (<1kb)
These reasons and the ease of use of this product have made an otherwise hard decision a lot easier. The fact that options like Plausible are growing reflects the shift in the industry towards a privacy-first approach, and we believe that we will continue to see increased attention to this area in the future. We are proud to be a part of preserving the privacy of companies and individuals on the internet, and celebrating tools like Plausible which enable actionable insights for companies like ours without compromising our core values.
If you have any questions regarding our integration with Plausible, or what kind of data we collect in our SaaS platform, feel free to reach out to us on slack or social media to keep this discussion going! #privacyfirst