GDPR Compliance

Last Updated: January 17, 2026

Our Commitment to GDPR Compliance

FastStats.io is designed from the ground up to respect user privacy and comply with GDPR requirements. Unlike traditional analytics platforms, we:

• Do not use cookies - No consent banners required
• Do not track individuals - No personal data collection
• Do not create user profiles - No cross-site tracking
• Anonymize all data - IP addresses are never stored
• Store data in the EU - All data remains within European borders

Legal Basis for Data Processing

We process analytics data based on legitimate interests (Article 6(1)(f) GDPR). Our legitimate interest is to provide website owners with privacy-respecting analytics to understand how their websites are used and improve user experience.

Since FastStats does not collect personal data or use tracking technologies, the risks to data subjects are minimal, and their fundamental rights and freedoms are fully protected.

Data We Process

FastStats collects only aggregated, anonymous statistical data:

What We Collect:

• Page views - URLs of pages visited (without personal parameters)
• Referrer sources - Where visitors came from (search engines, social media, etc.)
• Browser type - General browser information (e.g., "Chrome", "Firefox")
• Device type - General device category (desktop, mobile, tablet)
• Country/Region - Derived from IP address, then immediately discarded
• Visit duration - Time spent on pages (aggregated)

What We DO NOT Collect:

• ❌ IP addresses (anonymized immediately, never stored)
• ❌ Personal identifiable information (PII)
• ❌ Cookies or persistent identifiers
• ❌ User fingerprints
• ❌ Cross-site tracking data
• ❌ Precise location data
• ❌ Email addresses or contact information

Your Rights Under GDPR

Since FastStats does not collect personal data, most GDPR rights (access, rectification, erasure, etc.) are not applicable. However, we respect the following principles:

Right to Object (Article 21)

You can opt-out of FastStats analytics at any time. Website owners using FastStats should provide visitors with information about analytics and an opt-out mechanism if requested.

Transparency (Article 12-14)

We are completely transparent about our data processing. This page, along with our Privacy Policy, provides full disclosure of our practices.

Data Minimization (Article 5(1)(c))

We collect only the minimum data necessary to provide website analytics. We do not collect any data beyond what is strictly needed.

Storage Limitation (Article 5(1)(e))

Analytics data is retained for a maximum of 24 months. After this period, data is automatically deleted. Website owners can choose shorter retention periods.

Data Protection Measures

We implement industry-standard security measures to protect data:

• Encryption in transit - All data transmission uses TLS/SSL encryption
• Encryption at rest - All stored data is encrypted
• Access controls - Strict access limitations to data
• Regular audits - Ongoing security assessments
• Data anonymization - All data is anonymized at collection
• EU data residency - Data never leaves the European Union

No International Data Transfers

All FastStats data is processed and stored exclusively within the European Union. We do not transfer data to third countries or international organizations. This eliminates concerns about adequacy decisions, standard contractual clauses, or binding corporate rules.

Data Processing Agreement (DPA)

For our customers (website owners), we act as a data processor. We provide a comprehensive Data Processing Agreement (DPA) that includes:

• Subject matter and duration of processing
• Nature and purpose of processing
• Type of personal data (none/anonymized only)
• Categories of data subjects
• Obligations and rights of the controller
• Security measures (Article 32)
• Sub-processor requirements (Article 28(2))

Contact us to request a signed DPA for your organization. View our complete Data Processing Agreement here.

No Consent Required

Because FastStats does not use cookies, does not track users, and does not collect personal data, no user consent is required under GDPR or the ePrivacy Directive (Cookie Law).

This means:

• ✅ No cookie consent banners needed
• ✅ No privacy policy updates required specifically for FastStats
• ✅ No impact on user experience
• ✅ Full GDPR compliance out-of-the-box

Compliance with Other Regulations

In addition to GDPR, FastStats complies with:

• ePrivacy Directive (Cookie Law) - No cookies used
• CCPA (California) - No personal information sold or shared
• PECR (UK) - No electronic communications tracking
• LGPD (Brazil) - Privacy-by-design principles

Data Protection Officer

Supervisory Authority

If you have concerns about our data processing practices, you have the right to lodge a complaint with your local data protection authority. For organizations in Slovakia, the supervisory authority is:

Updates to This Policy

We may update this GDPR compliance statement from time to time to reflect changes in our practices or legal requirements. The "Last Updated" date at the top of this page indicates when changes were last made.

Significant changes will be communicated to our customers via email.

Contact Us

If you have any questions about our GDPR compliance, data processing practices, or wish to exercise your rights, please contact us: