How our native statistics work
In 2022, because of increasingly stricter cookie regulations, Maglr has switched from Google Analytics to the German platform Pirsch.io for collecting general visitor statistics.
We aim to offer our customers an easy to use, but in-depth overview of visitor statistics, without having to set up complicated cookie consent banners. A frequently asked question is how these statistics can work without cookies and be truly anonymous. In this document we'll explain more about this topic:
Why are cookies used for statistics?
For statistics, you would like to know how a visitor clicks through the pages of a publication. A single view of the number of page views gives you a generic idea, but says nothing about how many pages a visitor has viewed on average.
So you want to know how many unique visitors have visited your publication and which pages have subsequently been viewed from that visitor group. To do this, the individual page views must be merged with a unique identifier. For example, the page views can be combined into a session and linked to a unique visitor.
Previously, cookies were used for this purpose. A small piece of information with a unique number, stored within your web browser and retrieved each time a page view or event is sent. Whether you viewed the publication in the morning or afternoon, the same identification number was always sent from the cookie to recognise you as a person and to easily bundle these page views into a session.
Within Pirsch's statistics, cookies are no longer used for this identifier, but a temporary anonymous identifier is created based on browser data (called a fingerprint).
How do these privacy-friendly statistics work?
If a visitor comes to a Maglr publication (and the standard statistics are activated), an action is sent to stats.maglr.com (Pirsch) for every click.
Every event contains a date, IP address and browser string in addition to the URL or name of the clicked element. This contains the screen resolution, operating system and browser version.
With each request, an anonymous identifier is created from this information (part of IP address, date, browser string, secret salt). This principle is also called fingerprinting.
Only the calculated identifier is now stored, the rest of the information is deleted.
This identifier has been merged in such a way that it is not possible to translate the above information back to a person.
All subsequent page views and events can now be linked to this identifier. This cannot be traced back to a visitor, but it does indicate anonymously that the same visitor has viewed different pages on a publication several times in a row.
The identifier is valid for 24 hours, after which it will be reset.
The information that is ultimately stored within Pirsch are anonymous 'identifiers' with linked page views & events that cannot be traced back to a person or IP address. Even if this database with identifiers would potentially get hacked, the information cannot be traced back to personal details.
How can we be sure that the above principle is applied?
Pirsch releases their source code publicly via Github. This way you (as a developer) can see exactly how it works and whether it matches with their promise.
What do I notice from the above measuring method?
Nothing. In the Maglr dashboard we show the data retrieved from Pirsch in a simple, understandable overview, tailored to better understand the use of your published publications.
Are the data being measured accurate?
The numbers of page views and events are accurate. The identifier that is used to recognise a unique visitor, on the other hand, does not.
Suppose a publication is distributed internally within an organisation, where everyone has the same computer and visits the publication from the same (office) IP address. The identifier that is generated will be the same for multiple visitors in the organisation, which will lead to many page views & events for the same session/visitor in the statistics. The number of page views will be correct at that time. The number of visitors and sessions alone will not.
Do I still have to show a consent banner?
This decision is a bit of a gray area. We don't think so. We do not use cookies and no personal information is stored. The identifier is unusable and rotates every 24 hours. However, your corporate policy may require you to report what happens to all data sent out of the publication. At that time it is possible to display a consent banner with an explanation or reference to a privacy policy.
Can I still use Google Analytics?
Of course. In addition to the standard statistics, you can use GA4 or implement a measurement system yourself via Google Tag Manager. However, make sure that you enable the consent message in this case.
We aim to offer our customers an easy to use, but in-depth overview of visitor statistics, without having to set up complicated cookie consent banners. A frequently asked question is how these statistics can work without cookies and be truly anonymous. In this document we'll explain more about this topic:
Why are cookies used for statistics?
For statistics, you would like to know how a visitor clicks through the pages of a publication. A single view of the number of page views gives you a generic idea, but says nothing about how many pages a visitor has viewed on average.
So you want to know how many unique visitors have visited your publication and which pages have subsequently been viewed from that visitor group. To do this, the individual page views must be merged with a unique identifier. For example, the page views can be combined into a session and linked to a unique visitor.
Previously, cookies were used for this purpose. A small piece of information with a unique number, stored within your web browser and retrieved each time a page view or event is sent. Whether you viewed the publication in the morning or afternoon, the same identification number was always sent from the cookie to recognise you as a person and to easily bundle these page views into a session.
Within Pirsch's statistics, cookies are no longer used for this identifier, but a temporary anonymous identifier is created based on browser data (called a fingerprint).
How do these privacy-friendly statistics work?
If a visitor comes to a Maglr publication (and the standard statistics are activated), an action is sent to stats.maglr.com (Pirsch) for every click.
Every event contains a date, IP address and browser string in addition to the URL or name of the clicked element. This contains the screen resolution, operating system and browser version.
With each request, an anonymous identifier is created from this information (part of IP address, date, browser string, secret salt). This principle is also called fingerprinting.
Only the calculated identifier is now stored, the rest of the information is deleted.
This identifier has been merged in such a way that it is not possible to translate the above information back to a person.
All subsequent page views and events can now be linked to this identifier. This cannot be traced back to a visitor, but it does indicate anonymously that the same visitor has viewed different pages on a publication several times in a row.
The identifier is valid for 24 hours, after which it will be reset.
The information that is ultimately stored within Pirsch are anonymous 'identifiers' with linked page views & events that cannot be traced back to a person or IP address. Even if this database with identifiers would potentially get hacked, the information cannot be traced back to personal details.
How can we be sure that the above principle is applied?
Pirsch releases their source code publicly via Github. This way you (as a developer) can see exactly how it works and whether it matches with their promise.
What do I notice from the above measuring method?
Nothing. In the Maglr dashboard we show the data retrieved from Pirsch in a simple, understandable overview, tailored to better understand the use of your published publications.
Are the data being measured accurate?
The numbers of page views and events are accurate. The identifier that is used to recognise a unique visitor, on the other hand, does not.
Suppose a publication is distributed internally within an organisation, where everyone has the same computer and visits the publication from the same (office) IP address. The identifier that is generated will be the same for multiple visitors in the organisation, which will lead to many page views & events for the same session/visitor in the statistics. The number of page views will be correct at that time. The number of visitors and sessions alone will not.
Do I still have to show a consent banner?
This decision is a bit of a gray area. We don't think so. We do not use cookies and no personal information is stored. The identifier is unusable and rotates every 24 hours. However, your corporate policy may require you to report what happens to all data sent out of the publication. At that time it is possible to display a consent banner with an explanation or reference to a privacy policy.
Can I still use Google Analytics?
Of course. In addition to the standard statistics, you can use GA4 or implement a measurement system yourself via Google Tag Manager. However, make sure that you enable the consent message in this case.
Updated on: 28/03/2024