Privacy & Compliance

Cookieless by default. Cookie-enabled when you need it.

Most analytics tools treat privacy as an afterthought. We built Otus the other way around. It runs cookieless out of the box, so there's no consent banner and no personal data to worry about. When you need deeper marketing attribution, you can switch on cookie mode. Either way, your visitors get an experience that doesn't track, profile, or follow them around the web.

Cookieless by default
Cookie mode available
No consent banner required
GDPR compliant
EU hosted
No personal data
No third-party sharing

Cookieless by default

Ships without cookies or persistent identifiers. No consent banner required out of the box.

Cookie mode opt-in

Enable cookies when you need richer marketing attribution. Otus provides a built-in consent layer.

GDPR by design

No personal data collected or stored. No need to list us as a data processor.

EU infrastructure

All servers and data processors are located within the European Union.

Tracking

No cookies, no persistent identifiers.

Otus does not use cookies or any other persistent identifiers to track visitors. We generate an anonymous daily identifier from a few technical signals: IP address, User-Agent and a per-site salt. The IP address and User-Agent are never stored. They are used during hashing and then thrown away.

Because the salt is unique per site, the same visitor on two different Otus-powered sites produces two completely different identifiers. There is no way to link or match them across sites.

Every session expires after 24 hours. After that, a returning visitor is treated as new, which prevents any long-term profiling, even in aggregate.

Since there are no cookies, your website needs no cookie-consent banner for analytics. Your visitors get a cleaner experience and you get accurate data, with no consent fatigue and no blocked tracking scripts.

Data

Minimal data. Everything in aggregate.

The goal of Otus is to show you overall trends in your website traffic, not to track individual visitors. All data is aggregate only. There is no visitor-level detail, no session replays and no heatmaps of individual behaviour.

We collect only the essential signals needed to give you a useful, actionable picture of your traffic. Nothing else.

What we collect

  • Pages visited
  • Referrer sources & UTM parameters
  • Country and language
  • Browser, OS and screen size
  • Custom events (opt-in)

What we never collect

  • IP addresses (not stored)
  • Names, emails or any PII
  • Cross-site behavioural profiles
  • Data for advertising purposes
  • Session recordings or heatmaps
Regulation

GDPR, CCPA and PECR compliant.

Because Otus does not use cookies and does not collect personal data, we are compliant with GDPR, CCPA, PECR and ePrivacy by design, not by configuration. There is nothing to turn on or off.

Multiple EU data protection authorities have ruled that Google Analytics violates GDPR by transferring personal data to US servers. Switching to Otus removes that risk entirely. All data stays in the EU, processed only by EU-based infrastructure, under EU law.

You do not need to add Otus to your privacy policy as a data processor. We do not act as a processor of personal data because we do not collect any.

Visitors who decline a cookie banner on other tools simply aren't counted. With Otus there is no banner and every visitor is counted, which gives you a more complete and accurate picture of your traffic.

Infrastructure

Built and hosted in the EU.

Otus Analytics is designed and operated entirely within the European Union. All servers, all data processing and all infrastructure are EU-based. Your analytics data never leaves EU borders. No transatlantic transfers, no standard contractual clauses and no grey areas.

We use European cloud providers exclusively. No data is routed through US-owned services at any point in the pipeline.

Ownership

Your data. Your control.

When you use Otus, you own and control all of your website data. You can export or delete everything at any time, with no questions asked and no retention period imposed beyond what you configure.

Otus is funded entirely by subscriptions. We do not sell your data, show ads, or share visitor information with any third party. There is no advertising business model to protect, no investor pressure to monetise your data, and no incentive to do anything with it other than show it to you.

Cookie mode

Two modes. You decide which one fits.

Most sites are happy on the cookieless default, and it needs no setup at all. But if your business runs on marketing attribution or you want to recognise returning visitors across sessions, cookie mode is one switch away. You decide what gets collected, and when.

Cookieless mode

Default
  • No cookies or persistent identifiers set
  • No cookie consent banner required
  • Anonymous daily identifier, with IP and User-Agent never stored
  • Session expires after 24 hours automatically
  • Fully GDPR, CCPA and PECR compliant
  • Every visitor counted, with no consent drop-off

Suitable for most sites. Fully GDPR compliant. No legal review required.

Cookie-enabled mode

Opt-in
  • Optional first-party cookies for cross-session tracking
  • Accurate returning visitor identification
  • Marketing attribution across sessions and campaigns
  • Conversion funnel tracking with full journey data
  • Built-in consent layer, compliant banner included
  • Granular opt-in: enable only the cookie features you need

Requires a cookie consent banner. Otus provides a built-in consent layer you can customise.

Early access

Ready to meet your new web analyst?

Join the beta. Get clear, privacy-respecting analytics on your site in under five minutes.