Hacker News new | ask | show | jobs
by marvinblum 481 days ago
Correct, it's not so much about Cookies, but how data is collected and what is stored.

We have done a privacy risk analysis with an external lawyer and data protection officer, and concluded that Pirsch is in line with GDPR as we do not collect nor store personal identifiable information (PII). Processing stuff like IP addresses for example is legal as long as they are not stored and only cached for a reasonable amount of time (a few milliseconds in our case).

If you're interested, we have extensive documentation on this. You can reach out to support@pirsch.io to get it :)

If anyone is interested in doing something similar. This did cost us about 8,000 € in Germany.
2 comments
anonzzzies 481 days ago
I guess because you store their fingerprint (for uniques) only 24 hours, it is ok?
link
marvinblum 481 days ago
This also factors in, yes. If we would store it indefinitely, there is the risk of profiling (estimating who someone is by their behaviour).
link
michpoch 481 days ago
> This did cost us about 8,000 € in Germany.

The apparently extensive legal assessment you just described costed just 8'000 euro?

I am sorry but that had to be some hasty review at best. Do you take the full legal risk in case any of your customers would be found in violation of privacy laws because of using your service?

For reference, with similar hourly rates as Germany, reviewing a standard apartment-purchase contract cost me ~3500 euro.

link
marvinblum 481 days ago
We had someone with a lot of experience in this field working for very large German corporations and got a discount/startup bonus. I wouldn't call it cheap.

Imagine starting a business in Germany. How are you suppose to pay 30-50k for legal questions before selling anything?

link
michpoch 478 days ago
> I wouldn't call it cheap

The moment someone sues your customers, or some European agency will gets onto them, that 8000 euro opinion is all you're basing your company's legal security on. In that context, yes, this is being very cheap.

link
account42 479 days ago
Analytics and other forms of tracking are not required to do do business. Don't try to skirt the law and you won't have as many legal questions to answer.
link
XCSme 477 days ago
So, if I run ads or a marketing campaign, I shouldn't be able to know if it brings a positive ROI or not?

Let's assume I pay $1000 for Google Search Ads, wouldn't it help the business to know that "from my sales, $800 came from Google Search Ads"?

People do this all the time, even in real life, with coupon codes fliers for example.

link