Privacy-Focused-Web-Analytics-Dashboard
PrivacyMetrics
Privacy-Focused Web Analytics Dashboard
A self-hosted analytics solution designed with privacy at its core. Complete data ownership, no cookies, and transparent data collection practices.
οΏ½οΈ Dashboard Preview
Screenshot coming soon. To see it live: run
pnpm devand open http://localhost:8080.
οΏ½π Quick Start
Get started in minutes: π DEVELOPER_GUIDE.md
Complete setup guide with:
- Installation & dependencies
- Local development setup
- Testing & validation
- Integration examples
- Deployment options (Docker, Railway, self-hosted)
π¬ Did This Work for You?
If you cloned this repo and tried it out β weβd love to hear from you!
- β It worked great β Tell us what you built
- β Ran into a problem β Ask for help
- π‘ Have a feature idea β Share it
- π Found a bug β Open an issue
Your feedback directly shapes what gets built next. Even a short βit worked!β helps.
β¨ Current Features (v1.0.0-beta.1)
β Implemented & Tested
- Multi-website dashboard - Create, manage, and delete website tracking codes
- Website isolation - Each websiteβs data is completely separate
- Real-time event tracking - Events tracked and stored immediately
- Visitor tracking - Unique visitor identification via IP hashing
- Session management - Session grouping and duration tracking
- Authentication - User registration and login with JWT tokens
- Dashboard metrics - View key metrics per website
- Self-hosted option - Full data ownership with SQLite database
- Privacy-first approach - Transparent data collection practices
- CORS configured - Proper cross-origin request handling
π Core Data Collected
- Page views
- Unique visitors (via hashed IP fingerprints)
- Session duration
- Referrer sources
- Request timestamps
β What is NOT Collected
- Cookies (never set)
- Browsing fingerprints beyond IP hash
- Personal identifiable information (names, emails from tracking)
- Cross-site user tracking
- Device details (browser, OS tracking not implemented yet)
βοΈ How it Compares
PrivacyMetrics vs the most popular privacy-focused analytics tools:
| Feature | PrivacyMetrics | Plausible CE | Umami | Fathom |
|---|---|---|---|---|
| Open Source | β | β | β | β |
| Self-Hosted | β | β | β | β |
| Completely Free | β | β | β | π° |
| No Cookies | β | β | β | β |
| No PII Collected | β | β | β | β |
| GDPR Compliant | β | β | β | β |
| Multi-site Support | β | β | β | β |
| Tracking Script Size | 2KB | ~1KB | ~2KB | ~1KB |
| Database | SQLite | PostgreSQL + ClickHouse | PostgreSQL / MySQL | Proprietary |
| Setup Time | ~5 min | ~30 min | ~15 min | N/A |
| Tech Stack | Node.js + React | Elixir + Phoenix | Next.js | Ruby |
| Custom Events | β (roadmap) | β | β | β |
| Data Export | β (roadmap) | β | β | β |
| Email Reports | β (roadmap) | β | β | β |
PrivacyMetrics is the simplest to self-host β SQLite means zero database server setup. Clone β install β run.
ποΈ Tech Stack
Frontend Stack:
- React 18.3 + TypeScript 5.9
- Vite 7.1 (fast build & dev server)
- Tailwind CSS 3.4 (styling)
- Radix UI (component library)
- React Router 6.30 (navigation)
- Recharts 2.12 (chart visualizations)
- React Hook Form (form handling)
Backend Stack:
- Express.js 5.1 (Node.js framework)
- TypeScript 5.9 (type safety)
- Prisma 5.16 (ORM)
- SQLite 3 (database)
- JWT (authentication)
- Bcryptjs (password hashing)
Tracking Script:
- Vanilla JavaScript (2KB, zero dependencies)
- Sendbeacon API (reliable event delivery)
- No external dependencies
π Project Structure
βββ client/ # React frontend (React components, pages, hooks)
β βββ pages/ # Route pages (Dashboard, Login, Register, etc.)
β βββ components/ # Reusable components (UI, dashboard, hero)
β βββ hooks/ # Custom React hooks (useDashboardData, useTheme, etc.)
β βββ lib/ # Utilities and helpers
βββ server/ # Express backend
β βββ routes/ # API endpoints (auth, tracking, dashboard, websites)
β βββ services/ # Business logic (tracking, aggregation, auth)
β βββ middleware/ # Authentication middleware
β βββ schemas/ # Zod validation schemas
βββ shared/ # Shared TypeScript types and API definitions
βββ public/ # Static files and tracking script
β βββ pm.js # Production tracking script (2KB)
β βββ *.html # Test HTML files
βββ prisma/ # Database schema and migrations
β βββ schema.prisma # Data model definitions
β βββ migrations/ # Database version history
βββ infrastructure/ # Deployment configs
β βββ Dockerfile # Docker container definition
β βββ *.config files # Rail way, Netlify configs
βββ scripts/ # Utility scripts
β βββ validate-tracking.ps1 # Validation script
β βββ *.sh # Shell scripts
βββ config/ # Build configuration
β βββ vite.config.ts # Frontend build config
β βββ vite.config.server.ts # Backend build config
βββ config-tools/ # Tool configurations
β βββ .eslintrc.json # Linting rules
β βββ tailwind.config.ts # Tailwind CSS config
β βββ tsconfig.json # TypeScript config
βββ docs/ # Documentation (15+ guides)
---
## π§ Development
### Prerequisites
- Node.js 18.0 or higher
- pnpm (or npm/yarn)
### Installation & Setup
```bash
# 1. Install dependencies
pnpm install
# 2. Initialize database
pnpm db:push # or: npx prisma db push
# 3. Start development servers
pnpm dev
Access the application:
- Frontend Dashboard: http://localhost:8080
- Backend API: http://localhost:3000
- Database: SQLite at
prisma/dev.db
Common Development Commands
# Development
pnpm dev # Start both frontend and backend
pnpm dev:frontend # Frontend only (hot reload)
pnpm dev:api # Backend only (hot reload)
# Building
pnpm build # Build client and server
pnpm build:client # Frontend only
pnpm build:server # Backend only
# Quality checks
pnpm test # Run tests
pnpm typecheck # TypeScript validation
pnpm lint # Eslint check
pnpm format.fix # Format code with Prettier
pnpm quality-check # Run all checks
# Database
pnpm db:push # Sync database schema
pnpm db:reset # Reset database
pnpm db:seed # Seed sample data (if configured)
# Production
pnpm start:prod # Run production build
π Documentation
All technical documentation is located in the docs/ folder:
| Document | Purpose | Audience |
|---|---|---|
| DEVELOPER_GUIDE.md | Complete setup and development guide | All developers |
| API_DOCUMENTATION.md | REST API reference with examples | Backend developers |
| BACKEND_SETUP_GUIDE.md | Backend configuration and setup | Backend developers |
| FRONTEND_BACKEND_INTEGRATION_GUIDE.md | How frontend connects to API | Frontend developers |
| TRACKING_SCRIPT_GUIDE.md | How to integrate tracking on websites | Website integrations |
| TRACKING_QUICK_REFERENCE.md | Quick tracking reference | Quick setup |
| WEBSITE_MANAGEMENT_GUIDE.md | Website CRUD operations | Website operations |
| PROJECT_STRUCTURE.md | Detailed project architecture | All developers |
| CODE_QUALITY_SCANNING_GUIDE.md | Code quality and CI/CD setup | DevOps/QA |
| FREE_HOSTING_GUIDE.md | Deployment options (free tier) | DevOps/Deployment |
Quick Links:
- π Getting started? β Read DEVELOPER_GUIDE.md
- π Want to integrate tracking? β See TRACKING_SCRIPT_GUIDE.md
- π‘ Need API reference? β Check API_DOCUMENTATION.md
- π Ready to deploy? β Follow FREE_HOSTING_GUIDE.md
π Security & Privacy
Privacy by Design
β
No Cookies - Never sets any tracking cookies
β
No Fingerprinting - Only uses hashed IP addresses for visitor identification
β
Session-Based Storage - Data expires with browser session
β
No Cross-Site Tracking - Each website is completely isolated
β
Transparent Collection - Clear documentation on what data is collected
β
Self-Hosted Option - Full control and data ownership
Backend Security
β
JWT Authentication - Secure token-based API authentication
β
Password Hashing - Bcryptjs for secure password storage
β
CORS Protection - Proper cross-origin request validation
β
Protected Routes - Authentication middleware on API endpoints
β
Input Validation - Zod schemas for request validation
Data Protection
- All sensitive data (passwords, tokens) are hashed/encrypted
- SQLite database contains only aggregated visitor data
- No Personal Identifiable Information (PII) collected via tracking
- Data access requires authentication
π¦ Deployment
Ready to deploy? Choose your platform:
Quick Deployment Options
- Railway.app - See infrastructure/railway.json
- Docker - See infrastructure/Dockerfile
- Netlify - See infrastructure/netlify.toml
- Self-Hosted - Run with Node.js and SQLite
Detailed deployment guide: FREE_HOSTING_GUIDE.md
π Issues & Support
Found a bug? Have a feature request?
- Report Issues: GitHub Issues
- Ask Questions: GitHub Discussions
- Check Documentation: docs/ folder for comprehensive guides
- Read Developer Guide: DEVELOPER_GUIDE.md
π Project Status
v1.0.0-beta.1 (Current)
Whatβs Working:
- β Multi-website tracking dashboard
- β User authentication (registration, login)
- β Real-time event tracking
- β Website management (create, view, delete)
- β Visitor & session tracking
- β API endpoints (fully documented)
- β Database persistence (SQLite)
- β Docker deployment ready
- β Self-hosted support
Known Limitations:
- π Browser/OS detection not fully implemented
- π Advanced analytics (funnels, cohorts, retention) not implemented
- π Email reporting not implemented
- π Advanced filtering/segmentation not yet available
Future Roadmap:
- Device and browser analytics
- Advanced filtering and segmentation
- Email digest reports
- Goal tracking
- Custom events
- API webhooks
- Data export (CSV/JSON)
π License
MIT License - See LICENSE file for full details
All documentation is in one place: DEVELOPER_GUIDE.md
For internal notes and older docs: See confidential_docs/ folder
π£ Give Feedback
Discussions are open β this is the best place to share thoughts, ask questions, or suggest improvements.
| Channel | Use it for |
|---|---|
| π‘ Ideas | Feature requests and suggestions |
| π Q&A | Setup help and how-to questions |
| π Show & Tell | Share what you built with it |
| π¬ General | Anything else |
π€ Contributing
Contributions are welcome! Read the full guide: CONTRIBUTING.md
Quick steps:
- Fork β create a branch β make changes β
pnpm quality-checkβ open a PR
Please review our Code of Conduct before contributing.
π Links & Resources
Repository:
Documentation:
External Resources:
π‘ Philosophy
PrivacyMetrics is built on the principle that analytics donβt require invasive tracking. We believe:
- Privacy is a right - Not a feature to be negotiated
- Transparency matters - Users deserve to know what data is collected
- Data ownership - Your data should be on your own servers
- Open source - Code should be auditable and trustworthy
- Minimal data - Collect only whatβs necessary
Made with β€οΈ for privacy-conscious developers
Questions? Start with DEVELOPER_GUIDE.md, join the discussion, or open an issue. π