If you run a website in the EU or serve EU users, you’ve almost certainly encountered the General Data Protection Regulation (GDPR) and its requirements around user consent. But not all data collection needs consent—and that's where many analytics tools cross a line that Glass Analytics was built to avoid.
In this post, we’ll explain:
- When GDPR requires consent
- When it doesn’t
- How Glass Analytics fits into this picture
When Does GDPR Require Consent?#
GDPR requires consent when you collect personal data and there’s no other lawful basis for processing it. One common lawful basis is “legitimate interest”—but this doesn’t apply when the data collected is:
- Not essential for the operation of your site
- Involves tracking users across services (e.g., for advertising or behavioral profiling)
The most common scenarios that require consent:
- Setting cookies for tracking (e.g., Google Analytics, Facebook Pixel)
- Cross-site tracking for ad personalization
- Collecting personal identifiers, such as IP addresses tied to identities
- Building user profiles, even anonymously, if they persist across sessions or domains
If your analytics tool uses cookies or tracks users over time and across pages, you’re required to display a cookie banner and get explicit opt-in consent before any data is collected.
When Is Consent Not Required?#
GDPR allows data collection without consent if:
- No personal data is collected (e.g., fully anonymized data)
- Only strictly necessary cookies are used (e.g., for login functionality)
- The data is collected under legitimate interest and doesn’t infringe on user rights
This is the legal foundation for privacy-first analytics tools like Glass Analytics.
How Glass Analytics Avoids the Need for Consent#
Glass Analytics was built from the ground up to avoid needing cookie banners or user opt-ins—by not collecting personal data in the first place.
Here’s how:
- No cookies. Glass Analytics is 100% cookieless
- Anonymous session tracking. Sessions are calculated using an MD5 hash of the client’s IP and the current date—creating a unique but non-identifiable fingerprint that resets daily
- No persistent identifiers. We don’t track users across days or devices
- No cross-site tracking. Each site’s data stays siloed, with no tracking beyond your domain
Because we only collect aggregated, anonymized usage data, you likely don’t need a cookie banner when using Glass Analytics—freeing you from one of the most annoying parts of GDPR compliance, while still getting insights into how your website performs.
Summary#
| Feature | Glass Analytics | Traditional Analytics |
|---|---|---|
| Uses cookies? | ❌ | ✅ |
| Requires user consent? | ❌ | ✅ |
| Tracks users across sessions? | ❌ | ✅ |
| GDPR compliant by design? | ✅ | 🚧 (Requires setup) |
Glass Analytics helps you stay compliant by design, not by legal acrobatics.
If you want simple, privacy-conscious insights without cookie banners or legal worries, Glass is the alternative you’ve been looking for.
