Is Attrifast GDPR compliant even though it is hosted in the US?

Yes. Attrifast collects no personal data, sets no cookies, and stores no IP addresses or device fingerprints. GDPR compliance flows from this architecture, not server geography.

Does Pirsch track revenue?

No. Pirsch is a privacy-first traffic analytics tool with no Stripe integration. It cannot attribute revenue to traffic sources. Attrifast adds native revenue attribution on top of the same privacy foundation.

When should I choose Pirsch over Attrifast?

Choose Pirsch if your legal team has a blanket policy requiring all vendor data in the EEA, or if script size is critical — Pirsch is ~1 KB vs Attrifast's 4 KB. Otherwise Attrifast adds revenue attribution at no extra privacy cost.

Attrifast vs Pirsch

EU hosting is not
what makes you GDPR-compliant.

Many founders switch to Pirsch specifically for EU data residency, believing it's a GDPR requirement. It isn't. When a tool collects no personal data and sets no cookies, GDPR compliance flows from the architecture — not the geography of the server. Attrifast and Pirsch are both GDPR-compliant. Attrifast also attributes revenue.

Start GDPR-compliant tracking →

Free tier available. GDPR compliant from day one.

The GDPR compliance decision tree

Walk through the actual legal questions. You'll see why server location is rarely the deciding factor for analytics tools that collect no personal data.

Step 1 — The core question

Do you collect personal data?

Personal data = any information that can identify a natural person: IP address, name, email, device fingerprint, persistent identifier.

Yes

GDPR applies. Continue to Step 2.

GDPR does not apply. No consent needed regardless of server location.

If Yes — continue

Step 2 — ePrivacy Directive

Do you use cookies or similar trackers?

The EU ePrivacy Directive requires consent for any cookie that stores or accesses data on the user's device — regardless of whether the data is personal.

Yes

Consent banner required under ePrivacy law.

No ePrivacy issues. No cookie banner needed.

If Yes — continue

Step 3 — International transfers

Do you transfer personal data to a country outside the EEA?

If personal data flows to a US server, GDPR Chapter V requires a legal transfer mechanism — typically Standard Contractual Clauses (SCCs).

Yes (personal data)

SCCs or EU hosting required.

No personal data

Chapter V doesn't apply. SCCs are sufficient as a precaution.

Conclusion

EU hosting is a nice-to-have, not a legal requirement.

For analytics tools that collect no personal data and set no cookies — like Attrifast and Pirsch — the legal basis for GDPR compliance is the architecture, not the server location. Neither tool triggers GDPR's core requirements. EU hosting becomes legally significant only when personal data is actually being transferred.

The EU hosting misconception

Why architecture matters more than geography for GDPR compliance.

What the GDPR actually regulates

GDPR applies to the processing of personal data. If your analytics tool doesn't process personal data, GDPR's core obligations — lawful basis, consent, data subject rights, transfer restrictions — simply don't apply to that tool. The regulation has nothing to regulate.

Why cookie-free matters more than EU servers

The consent banner requirement comes from the ePrivacy Directive, not GDPR. It triggers on cookie or device storage access — regardless of where the server sits. A cookie-based tool on an EU server still requires consent. A cookie-free tool on a US server does not.

How Attrifast avoids personal data entirely

Attrifast does not store IP addresses, does not fingerprint devices, does not set cookies, and does not create persistent user identifiers. Aggregate session statistics are derived server-side and the raw signals are immediately discarded. There is no personal data to regulate.

When Pirsch's EU hosting is genuinely useful

If your legal team has a blanket policy requiring all vendor data to remain in the EEA — regardless of whether it's personal — Pirsch satisfies that internal policy. That's a valid organizational requirement. It's just not a GDPR legal requirement for cookie-free tools that collect no personal data.

Attrifast vs Pirsch: full comparison

Honest comparison. Note that Pirsch's script is smaller — that's a real tradeoff worth knowing if page weight is critical to you.

FeatureAttrifastPirsch

Data hosting locationUS (AWS)EU (Germany)

Personal data collectedNoneNone

Script size4 KB~1 KB

Revenue attribution

Stripe integration

Revenue per Visitor metric

Cookie-free tracking

GDPR compliant (no banner)

Traffic analytics

Custom events

Starting priceFree~$5/mo

Script size: Pirsch's ~1 KB is genuinely smaller than Attrifast's 4 KB. If you're optimizing for Core Web Vitals at high scale, that's worth factoring in.