Measure Measure
Sign In Start Free Trial
← Blog
analytics privacy gdpr cookieless guide

Cookieless Analytics in 2026: Why It Matters and How to Set It Up

by Jules

Somewhere between GDPR in 2018 and the deprecation of third-party cookies in Chrome, the web analytics industry quietly split in two. On one side: the old model of drop a script, collect everything, deal with consent later. On the other: cookieless analytics tools that never needed consent in the first place.

If you’re still running the old model, here’s why it’s costing you more than you think — and how to switch.

What “Cookieless” Actually Means

Traditional analytics tools — Google Analytics, Mixpanel, Amplitude — use first-party cookies to track individual users across sessions. A cookie is written to the browser on first visit, and every subsequent visit is tied to that same identifier. This lets them build session models, cross-session funnels, and user-level reports.

The catch: cookies require consent under GDPR in the EU, UK GDPR, and increasingly under CCPA and other state laws. The moment you drop a cookie without consent, you need a banner.

Cookieless analytics does something different. Instead of writing a cookie, it identifies page requests using anonymized signals: the IP address (hashed and not stored), the browser’s user agent string, the referrer header, and the timestamp. These signals are combined into a short-lived fingerprint that is never stored to disk and never persists beyond the current day.

The result: per-page view counts, referrer attribution, and traffic trends — without any personally identifiable information, without cookies, and without a consent requirement in most jurisdictions.

Developers tend to see consent banners as a legal checkbox. They’re actually a revenue problem.

A standard cookie consent banner reduces analytics data collection by 30–60%. That’s not a rounding error — that’s a coin flip on whether your data reflects your actual traffic. In some EU markets, opt-out rates exceed 70%.

What this means in practice:

  • Your funnel conversion data is structurally incomplete
  • SEO improvements show as smaller gains than they are
  • A/B tests run on biased subsets (users who opted in skew toward certain demographics)
  • You ship features based on data that doesn’t represent your full user base

Beyond the data quality problem, banners degrade first impressions. For a developer tool or SaaS product, showing a cookie wall before the user has seen your product is a conversion problem disguised as a legal problem.

Cookieless analytics eliminates this entirely. No banner, no opt-out, no data skew.

Compliance in Practice

The legal standard for cookieless analytics under GDPR and similar frameworks:

  • No cookies or persistent identifiers: No consent required
  • No IP storage: IP is hashed and dropped after processing, not stored
  • No cross-site tracking: Data stays scoped to your domain only
  • No PII: Names, emails, and user IDs are never collected at the analytics layer

Tools like Measure.events are designed around this model from the ground up. The tracking script does not set any cookies. It does not store IP addresses. It does not track users across domains. Every pageview is an independent event, not a session attached to a user profile.

This means you can run cookieless analytics on an EU-facing product without a consent banner — and without sacrificing meaningful data.

What You Lose (and What You Don’t)

Cookieless analytics is not for every use case. Here’s an honest breakdown:

What you lose:

  • Repeat visitor counts (individual user sessions across days)
  • User-level behavior paths (user A → page 1 → page 2 → conversion)
  • Demographic and device data tied to specific users
  • Cross-session attribution (first touch vs. last touch per user)

What you keep:

  • Page-level traffic counts (accurate, complete, no consent gap)
  • Referrer source breakdown (google.com, chatgpt.com, direct, etc.)
  • Traffic trends over time (up/down by day, week, month)
  • Top pages and content performance
  • Custom events (button clicks, form submissions, CTA interactions)

For most developer products, documentation sites, SaaS marketing sites, and content businesses, the list of what you keep is everything you actually make decisions from. The list of what you lose is the stuff that looks impressive in reports but rarely drives a shipping decision.

Setting Up Measure.events Without Cookies

Installation takes about 90 seconds.

1. Create an account

Go to lets.measure.events and create a free account. Add your site domain. You’ll get a site key.

2. Add the tracking script

For a standard HTML site or any framework:

<script
  src="https://lets.measure.events/api/script/YOUR_SITE_KEY"
  defer
></script>

Add this to your <head> tag or layout component. It loads asynchronously and won’t block your page.

3. Framework-specific setup

Next.js (App Router):

// app/layout.tsx
import Script from 'next/script'

export default function RootLayout({ children }: { children: React.ReactNode }) {
  return (
    <html>
      <body>
        {children}
        <Script
          src="https://lets.measure.events/api/script/YOUR_SITE_KEY"
          strategy="afterInteractive"
        />
      </body>
    </html>
  )
}

Astro:

<!-- src/layouts/Base.astro -->
<head>
  <script
    src="https://lets.measure.events/api/script/YOUR_SITE_KEY"
    defer
    is:inline
  ></script>
</head>

Rails:

<%# app/views/layouts/application.html.erb %>
<head>
  <%= javascript_include_tag "https://lets.measure.events/api/script/YOUR_SITE_KEY", defer: true %>
</head>

That’s the complete setup. No configuration file, no API key in the client, no cookie banner needed.

4. Custom events (optional)

If you want to track specific user actions beyond pageviews — CTA clicks, form submissions, sign-up completions — you can fire custom events via the global measure function:

// Track a button click
document.getElementById('get-started').addEventListener('click', () => {
  window.measure?.('cta_click', { button: 'get-started' })
})

Custom events appear in your dashboard alongside pageviews. No additional setup required.

Using the MCP Server with Your AI Tools

Measure.events ships with an MCP (Model Context Protocol) server that lets you query your analytics data from AI tools like Cursor, Claude Desktop, and Windsurf.

Once connected, you can ask:

“Which pages had the biggest traffic drop this week?” “What’s the top referrer for my pricing page?” “Show me the trend for /blog over the last 30 days.”

No SQL. No dashboard switching. Just answers in the context of where you’re already working.

To connect, add the Measure.events MCP server to your tool’s config. Full setup instructions at lets.measure.events/docs/mcp.

The Practical Summary

If you’re running a developer tool, SaaS product, or content site with any EU traffic:

  1. Remove Google Analytics (or run it in consent-gated mode, degrading your data)
  2. Install a cookieless tool with a single script tag
  3. Remove the cookie consent banner
  4. Get accurate, complete traffic data without the compliance overhead

Cookieless analytics isn’t a compromise. For most products, it’s strictly better — more data, simpler setup, and one fewer thing that breaks when privacy laws change again.

Sign up free at Measure.events →

Ready to see accurate analytics?

No cookies. No consent banners. No personal data. $29/mo with a 14-day free trial.

Start free trial →