EN FR

Tag: Gdpr

All blog posts with this tag.

Session replay and CNIL: what teams should verify after the 2026 consultation

Session replay and CNIL: what teams should verify after the 2026 consultation

On February 25, 2026, the CNIL opened a public consultation on a draft recommendation for session replay tools. The consultation period ended on April 22, 2026. As of this article's publication date, teams should treat the draft as a strong warning signal while monitoring the final recommendation. Session replay tools are not ordinary audience-measurement tools. They can record detailed interactions: scrolling, clicks, form behavior, interface hesitations and sometimes typed content if masking is incomplete. That level of detail creates a different risk profile from aggregated traffic statistics. The practical consequence is simple: product, marketing and support teams should not activate session replay as a casual dashboard add-on. It needs a documented purpose, minimization settings, masking, access control, retention limits and a clear decision on when recording is allowed. What makes session replay sensitive Session replay can help diagnose UX issues, broken forms or confusing flows. But the same recording can reveal personal data, sensitive fields, account context or unexpected behavior. A misconfigured tool can collect more than the team intended. That is why the CNIL draft focuses on proportionality and safeguards. The useful question is not whether a vendor is popular. It is whether your configuration actually limits what is captured, who can view it and how long it remains available. A launch checklist for teams Before enabling session replay, review these points:define the exact purpose: UX debugging, support investigation, quality assurance or another documented need; disable recording by default on sensitive pages and authenticated areas unless there is a validated reason; mask form fields, free-text inputs, account data and any field that can contain personal or sensitive information; limit the share of sessions recorded instead of recording every visit; restrict access to named roles and audit who can view recordings; set a short retention period and delete recordings after the operational need ends; document the tool, provider, transfers and retention in your privacy materials; verify that the recording state follows your consent and preference-management setup; keep a rollback procedure to disable recording quickly if a leak or spike is detected.How this differs from Pomelo's core analytics Pomelo's launch positioning is deliberately different. The default analytics model is cookieless, minimal and report-oriented. It is designed to answer operational questions with aggregate data, not to replay individual user journeys. That distinction matters. Session replay can be useful in a narrow debugging workflow, but it should not be confused with privacy-first audience measurement. For most SME, SaaS and multi-site teams, the baseline analytics stack should remain lighter than a recording tool. What to do now If you already use Hotjar, Microsoft Clarity, FullStory or a similar tool, run a short audit before launch:list every page where recording is active; inspect the last 20 recordings for accidental personal data capture; review masking rules with a non-technical stakeholder; confirm retention and access controls; decide whether the tool is still needed permanently or only during limited research windows.If the team cannot explain why recordings are necessary, it is safer to disable them until the purpose and safeguards are documented. Sources Sources checked on May 9, 2026.CNIL, Session replay consultation, February 25, 2026 CNIL, Cookies and audience measurement solutions Hotjar, Privacy and security Microsoft Clarity, Privacy overview

GDPR audience measurement: the CNIL framework to understand before choosing a tool

GDPR audience measurement: the CNIL framework to understand before choosing a tool

Audience measurement is no longer just a tooling decision. It is a governance decision. An SMB may legitimately want to understand pages, sources and simple conversions without turning its website into a heavy marketing stack. That is a reasonable goal. The mistake is to turn a privacy-first product choice into a blanket legal promise. The CNIL framework is more specific. It describes conditions under which strictly limited audience measurement can, in some cases, be implemented with a lighter consent burden. That position depends on the real purpose, configuration, retention period, absence of cross-use, provider role and visitor information. The useful question is therefore not "which tool removes all legal work?". The useful question is: does my actual setup remain within a documented, minimal and verifiable audience-measurement perimeter? What the CNIL framework says The CNIL explains that traffic and performance statistics can be necessary for operating a website or application. It therefore describes a limited perimeter for audience-measurement trackers, provided the purpose stays strictly focused on the site or app audience and is carried out for the publisher's exclusive account. The framework excludes uses that combine the data with other processing, send non-anonymous data to third parties, or follow a person globally across several websites or applications. The CNIL also recommends informing users, limiting tracker lifetime, capping retention for collected information and periodically reviewing those periods. It provides a self-assessment tool to help vendors document their analysis. That nuance matters. Self-assessment is not certification, and it does not prejudge what the CNIL could conclude during an investigation. Site publishers still need a cautious, documented reading of their setup. The criteria that should guide the choice Before choosing an analytics solution, check these points first. 1. Strictly limited purpose Collection should help understand traffic, performance, content viewed or navigation issues. If the same tool is used for retargeting, advertising activation, profiling or CRM enrichment, the setup no longer fits a minimal audience-measurement perimeter. 2. No vendor reuse The provider should process data for your account. Reuse for the provider's own services, advertising, global benchmarks or loosely governed product improvement increases risk. 3. No cross-site tracking An identifier shared across several publishers or domains to follow global browsing behavior is incompatible with minimal audience measurement. 4. Statistical data and limited retention The logic should remain aggregated and proportionate. Retention periods should be limited and reviewed. Raw or pseudonymized records should not become a permanent marketing archive. 5. Clear visitor information Even when a lighter collection setup is possible, visitors still need clear information. The privacy policy should explain what is collected, why, for how long, by whom and how rights can be exercised. Strict and Extended: a useful product separation For privacy-first analytics, separating a minimal mode from an enriched mode is clearer than offering one vague switch. Strict should cover the core needs: page views, readable sources when available without enrichment, volumes, trends and simple conversions. It should minimize fields and avoid data that is not necessary for the stated purpose. Extended should be explicit. It can support richer needs: detailed UTM campaigns, advanced events, goals, technical context, segmentation or multi-site analysis. Those uses can be legitimate, but they should be treated as configuration choices, not as the silent default. This distinction helps product teams, DPOs, marketers and clients talk about the same operational reality. The checklist before publishing Before presenting your analytics setup as launch-ready, document at least:the exact measurement purpose; the fields collected in Strict; the fields added in Extended; retention periods; absence of cross-use with other processing; potential transfers and contractual basis; the updated privacy policy; the internal or vendor analysis based on CNIL sources; the profile-change procedure; the owner who approves collection changes.This documentation does not replace legal review, but it prevents marketing copy from becoming operational debt. What Pomelo should promise publicly The strongest position is not an absolute claim. It is a controlled product promise:cookieless by default; minimal collection; clear documentation of collected fields; explicit Extended configuration when teams need richer detail.That is more durable than a slogan. European SMBs, B2B SaaS teams and multi-site digital teams need analytics that is readable, governable and stable over time. Sources Sources checked on May 9, 2026.CNIL, Cookies and audience measurement solutions CNIL, audience-measurement self-assessment tool, July 2025 Article 82 of the French Data Protection Act

CNIL sanctions: what analytics teams should learn before launch

CNIL sanctions: what analytics teams should learn before launch

CNIL sanction decisions are useful because they show patterns, not just headline amounts. For analytics teams, the lesson is clear: risk rarely comes from measuring traffic in itself. It comes from unclear purposes, tracking before a valid choice, excessive collection, weak information, poor retention and provider relationships that nobody has reviewed. This article does not try to predict a fine. It gives product, marketing and legal teams a launch checklist grounded in the CNIL's public sanction list and cookie guidance. The recurring analytics risks 1. Tracking starts too early If advertising, personalization or advanced tracking fires before the visitor's valid choice is recorded, the compliance issue is immediate. Teams should verify scripts in the browser, not only in a tag manager diagram. 2. The purpose is too broad "Analytics" can hide several purposes: audience measurement, ad attribution, retargeting, product analytics, support, personalization and CRM enrichment. These purposes do not carry the same risk or consent analysis. They must be separated in configuration and documentation. 3. Data is kept too long Retention is a recurring sanction theme across CNIL decisions. Analytics teams should define retention for raw events, derived reports, exports and backups. The answer cannot be "as long as the tool allows". 4. Provider roles are unclear The site publisher remains responsible for understanding what the provider does. Review data-processing terms, hosting, transfers, sub-processors and reuse clauses before launch. 5. The public explanation is vague A privacy policy that only says "we use cookies to improve the experience" is not enough for a modern analytics stack. Explain the tool, purpose, data categories, retention and choice mechanism in concrete terms. How to reduce risk before launch Run this practical check:open a clean browser profile and inspect which scripts fire before any choice; map each tag to a purpose and owner; remove tags nobody can justify; separate minimal audience reporting from richer marketing tracking; document retention and export rules; review provider terms and transfer mechanisms; update privacy copy with actual tool names; keep evidence of the test in the release checklist.For Pomelo, this means keeping the public promise conservative: cookieless by default, minimal collection, clear documentation, Strict first and Extended by explicit configuration. Why this matters for SMEs SMEs often assume enforcement only targets large platforms. The CNIL sanction list shows that smaller organizations can also be sanctioned, including through simplified procedures. The amounts differ, but the operational lesson is the same: a small team still needs traceability, minimization and a clean release process. Good analytics governance is not bureaucracy. It prevents last-minute launches from becoming privacy incidents. Sources Sources checked on May 9, 2026.CNIL, public list of sanctions, updated April 14, 2026 CNIL, Cookies and other trackers CNIL, Cookies and audience measurement solutions

GDPR analytics checklist: 10 checks before installing a tracking tool

GDPR analytics checklist: 10 checks before installing a tracking tool

Installing analytics is easy. Governing analytics is harder. A script can be live in five minutes, but the team still needs to know what it collects, why it collects it, how long the data stays available and which choices are presented to visitors. Use this checklist before adding or changing a measurement tool. It is not legal advice. It is a practical review framework for product, marketing, engineering and privacy stakeholders. 1. Define the purpose Write the purpose in one sentence. "Understand audience and site performance" is not the same as advertising attribution, retargeting, product behavior analysis or CRM enrichment. Separate the purposes before discussing tools. 2. Split baseline and enriched collection Define what belongs in minimal audience reporting and what belongs in enriched tracking. Campaign parameters, detailed events, goals, technical context and multi-site segmentation should be deliberate configuration choices. 3. List the fields collected Review the payload, not only the dashboard. Check URL, referrer, user agent, language, screen data, campaign parameters, identifiers, events and custom properties. Remove fields that do not serve the stated purpose. 4. Check tracker timing Use a clean browser profile and inspect which scripts fire before any visitor choice is recorded. Do this on the homepage, landing pages, forms, checkout or signup flows and authenticated areas. 5. Set retention rules Define retention for raw events, aggregated reports, exports and backups. Long retention should be justified by a real operational need, not by a vendor default. 6. Review provider terms Confirm the provider role, hosting location, sub-processors, transfers, support access and reuse clauses. Keep the current data-processing agreement with the launch record. 7. Update public information Your privacy policy should name the tool, describe the purpose, list the main data categories, explain retention and point to the relevant choice or objection mechanism. 8. Test Strict and Extended behavior If your product separates Strict and Extended collection, verify both modes in the browser and in storage. Strict should not persist enriched fields. Extended should be explicit and documented. 9. Control access and exports Analytics data often spreads through CSV exports, screenshots and shared dashboards. Restrict access to people who need it and define how exports are handled. 10. Keep evidence Save the browser test, payload review, provider links, privacy-policy update and release owner in your launch checklist. Evidence matters when decisions are challenged later. Pomelo launch reading For Pomelo, this checklist translates into a simple doctrine: Strict by default, Extended by configuration, no profile mutation from reports, and clear dashboard explanations when data availability changes with collection mode. SourcesCNIL, Cookies and other trackers: https://www.cnil.fr/fr/cookies-et-autres-traceurs CNIL, Cookies and audience measurement solutions: https://www.cnil.fr/fr/cookies-solutions-pour-les-outils-de-mesure-daudience EDPB, Guidelines 05/2020 on consent under Regulation 2016/679: https://www.edpb.europa.eu/our-work-tools/our-documents/guidelines/guidelines-052020-consent-under-regulation-2016679_en EDPB, Guidelines 07/2020 on controller and processor concepts: https://www.edpb.europa.eu/our-work-tools/our-documents/guidelines/guidelines-072020-concepts-controller-and-processor-gdpr_en

Piwik PRO pricing change: what former Core users should verify next

Piwik PRO pricing change: what former Core users should verify next

According to Piwik PRO's July 2025 announcement, the economics of the Core offer changed and Business and Enterprise became the paid routes highlighted for hosted professional use. For teams that adopted Core because it was free, the right response is not panic. It is a structured migration review. As of May 9, 2026, buyers should verify current pricing and terms on Piwik PRO's official pages before making a decision. Vendor pricing changes quickly, and analytics migrations are expensive when they are rushed. The decision is about ownership, not only price The repositioning of a generous free analytics tier forces a useful question: what are you actually paying for? If Piwik PRO remains the right product, the budget may be justified by governance, support, hosted infrastructure, retention and enterprise controls. If the team mainly needs readable traffic reporting, a lighter privacy-first SaaS or a self-hosted tool may be a better fit. The mistake is to compare only monthly list prices. The real cost includes setup, data retention, access management, documentation, legal review, reporting adoption and the effort required to explain the dashboard to non-specialists. Migration checklist Before changing tools, export and document:current sites, domains and tracking snippets; retention settings and historical data that must be preserved; dashboards or reports used by leadership, clients or marketing; goals, events and campaign parameters that are still useful; data-processing agreements and provider roles; access rights and users who must be migrated; privacy-policy wording and internal records of processing; the date when old and new tools will run in parallel.Run both tools side by side for a short period when possible. This gives the team a bridge for trend comparison and avoids treating a tool migration as a sudden drop in traffic. How to compare alternatives For a European SME, B2B SaaS or multi-site digital team, use five criteria:Does the tool answer the questions the team actually asks every week? Does the collection model separate minimal analytics from enriched tracking? Are pricing, retention and user limits easy to understand? Can non-specialists read the reports without training? Is the privacy documentation specific enough for your legal review?Plausible, Fathom, Simple Analytics, Matomo and Pomelo can all be reasonable depending on the answer. The best choice is the one that matches your operating model, not the one with the loudest comparison table. Where Pomelo fits Pomelo's intended launch position is narrower and clearer: cookieless by default, Strict first, Extended by explicit configuration, and dashboards designed for teams that need actionable reporting rather than analytics administration. That does not make it a universal replacement for Piwik PRO. It makes it a good candidate when the team wants minimal collection, multi-site readability and a product that documents the difference between baseline and enriched data. Sources Sources checked on May 9, 2026.Piwik PRO, Introducing the new Piwik PRO Core and updated pricing, July 3, 2025 Piwik PRO, Business plan Piwik PRO, Pricing Matomo, Pricing Plausible, subscription plans

Plausible vs Fathom vs Simple Analytics: a practical 2026 comparison

Plausible vs Fathom vs Simple Analytics: a practical 2026 comparison

Plausible, Fathom and Simple Analytics sit in the same broad category: lightweight, privacy-first web analytics for teams that do not want the complexity of GA4 or an enterprise analytics suite. They are not interchangeable, though. The right choice depends on your traffic volume, team model, reporting needs, hosting expectations and internal privacy review. Prices and packaging change often. This comparison is based on public vendor pages checked on May 9, 2026. Always verify the current vendor page before buying. The short version Choose Plausible if you want an established open-source product, a clean dashboard, a self-hosting route and detailed documentation around subscription tiers. Choose Fathom if you want a simple paid SaaS with a deliberately small feature surface and straightforward multi-site pricing. Choose Simple Analytics if you want a Netherlands-based product with a clearly documented privacy posture, simple reports and a free entry point within the vendor's published limits. Choose Pomelo if your priority is multi-site reporting for European SMEs, B2B SaaS teams and agencies, with Strict collection by default and Extended collection only when explicitly configured. Comparison tableCriterion Plausible Fathom Simple AnalyticsMain fit Teams wanting open-source credibility and simple reports Teams wanting a compact paid SaaS Teams prioritizing documented privacy posturePricing model Subscription tiers by usage Subscription tiers by pageviews Free or paid plans depending on usage limitsSelf-hosting Community Edition available Not the core model Not the core modelMulti-site use Supported Supported Supported by planReporting style Minimal dashboard, events, goals, campaigns Minimal dashboard, events, campaigns Minimal dashboard, goals, referrersBuyer risk to verify Plan limits, self-hosting maintenance, imported history Plan fit and feature depth Plan limits and event/view countingPrivacy posture is a configuration question All three vendors position themselves around privacy-first analytics, but a vendor promise is not the same as your live setup. Your team still needs to document:what the script collects; whether events or campaign parameters add personal or sensitive context; retention periods; provider role and data-processing terms; transfers and hosting location; whether other trackers on the same site change the consent analysis.This is where Pomelo's Strict/Extended split is useful as a product model. Strict should cover baseline audience reporting. Extended should be a deliberate setting for richer campaign, event, goal or technical context. The dashboard should explain the effect of that setting instead of hiding it inside marketing copy. Pricing should be compared at your real volume Do not compare only entry prices. Model the cost at your actual monthly pageviews, number of sites, number of users, retention needs and export/API expectations. For example, a tool that is cheaper at 10,000 monthly pageviews may be more expensive at 500,000. A self-hosted option may reduce subscription fees but add infrastructure, backup and maintenance cost. A plan with generous site limits may be cheaper for an agency than a plan priced per site. Reporting quality matters more than feature count The best analytics tool is the one the team actually reads. Before buying, ask the person who will use the dashboard every week to answer three questions from a trial account:Which acquisition sources are working? Which content or pages deserve action? Which conversions changed materially since last period?If the tool cannot answer those questions quickly, more reports will not fix the problem. Sources Sources checked on May 9, 2026.Plausible, subscription plans Plausible, data policy Fathom, pricing Fathom, features Simple Analytics, pricing Simple Analytics, what we collect

Why the Era of 'Data Obesity' Is Paralyzing Small Businesses (And How to Break Free)

Why the Era of 'Data Obesity' Is Paralyzing Small Businesses (And How to Break Free)

We were sold a dream. The "Big Data" dream. For the past decade, the promise made to SMB owners, SaaS teams, and marketing managers has been the same: "The more data you collect about your visitors, the better you'll sell." The reality in 2025? It's often the opposite. Tools have become bloated, data piles up unread, and decisions are slower than before. This is what we call data obesity: the accumulation of data that doesn't serve decisions, but costs you in time, money, compliance, and performance. In short:Too much data kills decisions: information overload clutters dashboards and paralyzes action. The "Vanity Metrics" trap: you track flattering curves instead of focusing on what actually drives revenue. A triple cost: technical (slower site), legal (GDPR), and trust (visitors refusing tracking). The solution exists: frugal analytics — measure less, decide better.1. The "Dashboard Nobody Looks At" Syndrome Open your current analytics tool. In under 10 seconds, can you tell:whether your week was good? which page generated the most leads? which traffic source is performing best?If the answer is no, you're not alone. You're in the overwhelming majority. Big Data Isn't for SMBs Eurostat's Digitalisation in Europe publication frames advanced digital adoption as a 2030 objective: 75% of EU companies should use cloud computing, perform big data analysis, or use artificial intelligence. The same source shows the gap by company size: in 2022, 98% of large businesses reached a basic level of digital intensity, versus 69% of SMEs. → Source: Eurostat – Digitalisation in Europe, technology uptake in businesses Yet these same SMBs end up with tools designed for 20-person data teams. GA4 offers hundreds of reports, dozens of dimensions, customizable explorations. For a 2-person marketing team, it's like getting an airliner cockpit when all you need is a car dashboard. The Choice That Paralyzes The abundance of options, reports, and dimensions creates user fatigue. This is a well-documented phenomenon in behavioral science: choice overload. The more options you have, the less capable you are of choosing — and the less satisfied you are with your choice when you make one. → Source: The Decision Lab – Choice Overload Bias Applied to analytics: more information ≠ better decisions. On the contrary, too much data leads to inaction. You close the tab and fly blind.2. The Race for "Vanity Metrics" In many small businesses, the metrics sitting at the top of dashboards are also the ones least useful for decision-making:pageviews (without knowing which pages convert), total session count (without distinguishing prospects from bots), bounce rate (an ambiguous metric, often misinterpreted), visitors by country (rarely actionable for a local business).These metrics flatter the ego — "we had 10,000 visits this month!" — but they say nothing about a site's actual performance. The 3-Question Test For a small business, a useful dashboard should answer three questions:How many people are discovering my site? (acquisition) Which pages generate the most inquiries or sales? (performance) What does that represent each week? (results)If your tool can't answer these immediately, it's pulling you away from your main goal: understanding what works so you can grow your business. We've detailed which metrics to keep (and which to ignore) in our guide to The "5 KPIs" Method.3. The Hidden Cost of Complexity Data obesity doesn't just cost time. It has three concrete costs that most businesses underestimate. 3.1 The Technical Cost: A Slower Website Traditional analytics tools often ship heavy scripts that degrade Core Web Vitals — the web performance metrics Google uses as a ranking factor. An independent audit by Bejamas shows that third-party scripts (analytics, chat widgets, marketing pixels) can significantly slow down page loads, with analytics scripts often leading in main-thread blocking time. → Source: Bejamas – How Popular Scripts Slow Down Your Website The GA4 script weighs approximately 45 KB compressed in the cited measurements. Frugal alternatives often sit between 1 and 6 KB. As we explain in our article on SEO without Google Analytics, lighter third-party scripts can contribute to better Core Web Vitals, even though the result always depends on the full page. Slower sites = fewer conversions = less revenue. 3.2 The Legal Cost: GDPR Risk The more signals you collect — precise geolocation, cross-page navigation, technical fingerprinting, per-page session duration — the higher your legal exposure. Every piece of data collected is a piece of data to protect, to document in your processing registry, and to justify during an audit. European Data Protection Authorities — including the French CNIL — describe a narrow path for audience measurement tools that meet strict conditions. The practical lesson is not "no banner by default"; it is that minimal collection, clear documentation, and a correctly configured tool reduce compliance burden. → Source: CNIL – Audience measurement solutions This is probably the most underappreciated argument for frugal analytics: collecting less reduces the surface you need to document and can simplify review. It does not remove the need to assess purposes, visitor information, possible consent requirements, or the other trackers on the same site. For the formal criteria, use the CNIL page and document your own configuration. 3.3 The Trust Cost: Visitors Who Refuse Another side effect of traditional analytics: cookie banners. According to data from European regulators, cookie refusal rates have risen significantly since enforcement began in earnest. Depending on consent rates, browsers, blockers, geography and the broader tracker stack, a classic cookie-banner setup can materially reduce measured traffic. → Source: CNIL – Cookie action plan impact evaluation In some sectors, ad blockers and script blockers amplify the gap further. Result: your dashboard can under-represent part of the measurable audience. The size of that gap is context-specific. A cookieless-by-default tool reduces dependence on acceptance rates for the audience-measurement layer. Your final consent UI still depends on the full tracker stack, including advertising pixels, personalization, or session replay.4. The Solution: Frugal Analytics Frugal analytics isn't about measuring less out of laziness or ideology. It's about measuring better, by focusing on what:concretely helps you make decisions, respects visitor privacy, doesn't slow down your site, limits some legal-review friction.What It Changes in PracticeBefore (Data Obesity) After (Frugal Analytics)200+ metrics available 5-7 actionable KPIsDashboard opened once a month (and closed immediately) Dashboard checked weekly, understood in 30 secondsConsent UI driven by broad tracker stack Cookieless-by-default audience baselineHeavy script, possible Core Web Vitals impact Lighter script, impact to measure in contextComplex GDPR compliance (CMP, registry, proxying) Minimal collection and more readable review40-page monthly report 10-line results-oriented reportFrugal analytics is the equivalent of seasonal cooking: fewer ingredients, better chosen, better prepared. The result is superior to accumulation. The Core PrinciplesCollect only what drives decisions. If a data point wouldn't change your actions, don't collect it. Simplify to democratize. A dashboard the founder understands is worth more than a report only the data analyst can interpret. Respect by design. Compliance shouldn't be a bolt-on ("let's proxy GA4 to reduce risk") but a prerequisite: choose collection boundaries that are clear, minimal and documentable. Measure performance, not people. Aggregated trends (popular pages, traffic sources, conversion rates) are more useful and less risky than individual-level tracking.5. Where to Start If you're convinced your current analytics is too complex, here are the first three steps. Step 1: Identify your 5 KPIs. Use the 5 KPIs method to define the only metrics that matter for your business. If an indicator doesn't pass the test "would I change how I work if this number moved?", remove it. Step 2: Evaluate your current tool. Compare it honestly against the alternatives. Our analytics tool comparison details the strengths, weaknesses, and pricing of each family (GA4, Matomo, frugal). Step 3: Test. Most frugal solutions install quickly with a short script and offer a free trial. Run both tools in parallel for a month. Compare: which one gives you an answer faster?Conclusion: Put Your Analytics on a Diet The era of collecting data "just in case" is behind us. Regulation, web performance, and common sense all converge on the same conclusion: less data, better chosen, is better for everyone — for the business, for visitors, and for the web. For 2026, the best strategy for an SMB isn't adding dashboards — it's removing them. Less noise. Less friction. More concrete decisions. Frugal analytics means putting data in service of the business, not the other way around.FAQ: Understanding Frugal Analytics What is frugal analytics? An approach to audience measurement that limits collection to the strict minimum needed to make business decisions. It's built on three principles: collect only what drives action, prefer aggregated data over individual profiles, and choose tools with clear collection boundaries (no measurement cookies, no user profiles). Which metrics should I absolutely keep? Unique visitors, traffic sources, top pages, key events (CTA clicks, form submissions), and conversions. These 5 metrics are enough to steer a brochure site, a blog, or a small e-commerce store. Everything else is bonus — or noise. Can you do frugal analytics with GA4? Technically yes, but it requires advanced expertise: disabling granular collection, configuring consent mode, reducing some transfer or collection risks, and building custom reports limited to essential KPIs. For most SMBs, it is simpler to choose a natively frugal tool and then document the actual setup. Is frugal analytics enough for e-commerce? For a small e-commerce site (under 1,000 orders/month), yes. The 5 essential KPIs cover acquisition, engagement, and conversion. For e-commerce with multi-channel attribution, retargeting, or advanced segmentation needs, a more comprehensive tool (Matomo, GA4) will be necessary — but the frugality principle still applies: start with the essentials, and add complexity only if it's justified. How many businesses actually use Big Data? Eurostat's Digitalisation in Europe data shows a persistent size gap in digital intensity: in 2022, 98% of large businesses reached a basic level, versus 69% of SMEs. Most small teams do not have the people, tools, or need to exploit massive datasets. Frugal analytics is the approach suited to this reality. SourcesEurostat, Digitalisation in Europe: technology uptake in businesses CNIL, Cookies: audience measurement solutions CNIL, Cookie action plan impact evaluation Google Search Central, Core Web Vitals and Google Search results