Measure Measure
Sign In Start Free Trial

Policies / GDPR Compliance

GDPR Compliance

Last updated: March 7, 2026

Our Position

Measure is designed to be GDPR-compliant by default. Because we do not collect personal data from your website visitors, the most common GDPR obligations — cookie consent, data subject requests for visitor data, cross-border transfer restrictions for visitor data — do not apply to data collected by Measure's tracking snippet.

What Makes Measure GDPR-Friendly

  • No cookies: Measure does not set any cookies on your visitors' browsers
  • No personal data collected: We do not collect IP addresses, device fingerprints, or any data that can be linked to an individual visitor
  • No consent banner required: Because we collect no personal data and use no cookies, GDPR Article 6 lawful basis requirements do not apply to visitor analytics
  • No cross-border personal data transfer: No visitor personal data is transferred internationally, as none is collected

Data We Do Hold About You (Account Holders)

As a Measure account holder, you are a data subject under GDPR if you are located in the EEA, UK, or Switzerland. We hold the following personal data about you:

  • Your email address (used for authentication and billing communication)
  • Your Stripe customer ID (used to manage your subscription)
  • Your analytics data (the aggregate, anonymized data collected about your site's visitors)

Lawful Basis

We process your personal data under Article 6(1)(b) — processing necessary for the performance of a contract — as your data is required to provide the Measure service you have subscribed to.

Your Rights

Under GDPR, you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your account and all associated data
  • Portability: Export your analytics data via the dashboard or API
  • Objection: Object to processing where legitimate interests are the lawful basis
  • Restriction: Request that we restrict processing of your data

To exercise any of these rights, email privacy@measure.events. We will respond within 30 days.

Data Processor Relationships

We use a small number of sub-processors to deliver the service:

  • Stripe — payment processing (processes your billing data)
  • Postmark — transactional email delivery (processes your email address)

Both are GDPR-compliant processors with appropriate Data Processing Agreements in place.

Data Retention

We retain your account data for as long as your account is active. When you delete your account, all associated data is permanently deleted within 30 days.

Contact

For GDPR inquiries, email privacy@measure.events. Our data controller is Turbo Puffin, LLC.