[statstutor]

GoatCounter claims to be GDPR compliant, but also says it collects:

URL of the visited page. Referer header. User-Agent header. Screen size. Country name based on IP address. A hash of the IP address, User-Agent, and random number

As such, it seems to be processing user data that could be linked to an individual person.

I'd be cautious about the claim that GoatCounter is totally GDPR compliant (without a consent notice). You're safe, for now, on the basis that this doesn't seem likely to be tested in law.

[arp242]

> GoatCounter claims to be GDPR compliant

It claims it's probably GDPR compliant, but it's pretty transparent about various possible caveats and such on the GDPR page[1].

[1]: https://www.goatcounter.com/gdpr

[statstutor]

Ah, I read another page it frames this slightly differently, e.g. https://www.goatcounter.com/why

"There should always be an option to add GoatCounter to your site without requiring a GDPR consent notice."

[arp242]

It's tricky writing these kind of things haha. You can actually disable data collection for a number of parameters: disable "User-Agents" for example and they will never be stored to disk. I should probably update a few of these pages.