For Snorklee AI
The first view saves time: generate a period summary, ask a free-form question, and get a plain-language answer with a chart and the evidence used.
Manifesto · sprint 2026
Understand what helps your site, without following people around.
Snorklee brings Snorklee AI, Analytics, Integration and Compliance together. Generate a summary, ask questions in plain language, separate humans from AI traffic, and keep the proof a privacy lead or client may need.
Hosted in France (EU)
Tracker ≈ 2 KB gzip
On-demand Snorklee AI
Retention 90 d / 25 mo
ISO 27001 (host)
Why rethink an analytics tool?
Because teams need more than a traffic line. They need to know what changed, where good visitors came from, which pages actually worked, and how to explain it without turning every release into a privacy project.
So the dashboard starts with simple questions: what happened, why, and what can you do now? Snorklee AI reads aggregates, not people. Analytics keeps the numbers verifiable. Integration helps you install cleanly. Compliance keeps the documents together.
Our principles
1. Concrete sovereignty
Production analytics data stays hosted in the European Union. Known operational processors are documented in the DPA and the Compliance view; the tracker is served without a third-party CDN.
2. Zero cookies, zero fingerprint
Daily-rotating visitor ID (monthly salt + date in HMAC), aggregation thresholds applied to every data crossing, owner included, IP never stored. Privacy is an invariant, not an option.
3. Useful AI, not intrusive AI
Snorklee AI generates a summary on click and answers questions in plain language. It reads analytics aggregates, applies the same privacy thresholds as the dashboard, then shows an answer with the useful numbers and chart.
Example: you ask “why did my traffic drop this week?”. Snorklee AI answers with the sources, the pages involved, a chart and the numbers it used.
4. Verifiable compliance
GDPR self-assessment export, pre-filled processing register, online-signable DPA, per-jurisdiction documentation (GDPR · CCPA · Law 25 · Privacy Act). All available from your dashboard.
5. Proportional retention
90 days for raw events, 25 months for aggregates. No archive outside the database. Your data doesn't linger — that's GDPR data minimization in spirit.
Context
A brief history of web analytics — and why it had to be redone.
Thirty years of audience measurement in nine milestones. Pioneers, ad-tech monopoly, GDPR earthquake, waves of fines, AI breakthrough — and the gap that was left to fill.
-
1993
The first hit counter
Webhits, then Analog (1995), invent reading Apache log files. Web analytics is born server-side: one number, one page, zero JavaScript. Privacy is implicit — there's simply no one to track.
-
2005
Google buys Urchin and invents free analytics
Google Analytics launches. Free, powerful, tagged everywhere. The implicit deal: you measure your site, your data flies to Californian servers. For a billion websites, it became the default for fifteen years.
-
2016–2018
GDPR rewrites the rules
Adopted in 2016, enforceable on 25 May 2018, the GDPR requires transparency, minimisation, data-subject rights and strict safeguards for transfers outside the EU. Cookie banners flood the web.
-
2018–2019
A new wave of privacy-first analytics
GDPR opens a market: Fathom Analytics (2018, Canada / UK), Simple Analytics (October 2018, Netherlands) and Plausible Analytics (April 2019, Estonia, open source) all answer the same question: can you measure an audience without cookies, without cross-site IDs, without reselling data? The first generation of concrete answers.
-
2020
Schrems II ruling: the earthquake
On 16 July 2020, the Court of Justice of the European Union hands down ruling C-311/18 (Schrems II) and strikes down the Privacy Shield. The operational takeaway is simple: international data transfers must be documented, contractually governed, and checked case by case. Its successor, the Data Privacy Framework (July 2023), remains closely watched.
-
2022
Google Analytics declared illegal in Europe
Austria fires the opening shot in January 2022 (DSB). France's CNIL follows on 10 February. Then Italy (Garante), Denmark, Norway, Finland, the Netherlands. The shared verdict: GA exposes European visitors to US surveillance. Public sites must migrate urgently.
-
2023
A record year for GDPR fines
Meta is hit with €1.2 billion in May for illegal EU → US transfers (Ireland's DPC). TikTok gets €345 million for handling minors' data. Criteo is fined €40 million for ad targeting without consent (France's CNIL). Cumulative GDPR fines to date: over €4 billion.
-
2024 → 2025
ChatGPT, Claude, Gemini: a new audience
AI assistants become a traffic source in their own right: they cite pages, send crawl bots, and refer visitors from their chat windows. Classic analytics tools count them as humans — or ignore them as noise. Marketers fly blind.
-
2026
snorklee — a dashboard that explains
snorklee becomes a four-view dashboard: Snorklee AI to read the period and answer questions, Analytics to keep the numbers, Integration to install cleanly, Compliance to document. Post-cookie, hosted in the EU, humans and AI counted separately. Not a certification: an architecture you can explain.
Concrete commitments
What the dashboard changes day to day.
Four views, one simple logic: understand, verify, install, document. The dashboard should help a small team decide, not force it to translate tables for an hour.
For marketing
In the Analytics view: human KPIs, sources, pages, conversions, SEO search and AI presence. AI chat visits and AI crawlers stay separate from human traffic.
For privacy teams
In the Compliance view: Status & documents, electronic DPA signature, retention periods, export and erasure, data protection contact. A verifiable working base, not legal advice.
For developers
In the Integration view: install the tracker, test installation, WordPress plugin, platforms and AI crawler capture. Less fragile integration, more concrete diagnostics.
For leadership
A documented European stack, readable costs and data that remains actionable. You choose a tool your team can defend in front of a client, an audit or an internal committee.
For visitors
No analytics cookies, no cross-site tracking, no advertising profile. People visit your site, you measure what works, and each side stays in its lane.
For product teams
Events, content, errors and sources live in the same place. The dashboard helps prioritize what deserves fixing, not just watch a line go up.
Frequently asked
Precise answers, no detours.
Do I need a cookie banner with snorklee?
No, not for snorklee alone. Measurement uses no cookie and no persistent identifier: no cookie, no fingerprint, daily-rotating ID, IP never stored; the statistics returned are anonymised. European data-protection authorities consider this type of audience measurement exempt from consent collection, provided no other consent-bound tracker is loaded on the page.
Do my data ever leave the EU?
Production analytics data is hosted in the European Union. Some optional or adjacent services have their own perimeter: Mollie for payments, Scaleway for public audit scans, Google Search Console and Bing only if you enable them. Providers and exceptions are documented in the DPA and privacy policy.
How do you identify a visitor without a cookie?
Via an HMAC ID computed server-side from a monthly-rotating salt and today's date. That ID changes automatically every night, cannot be cross-site joined, and is never stored on the browser side. The IP is never persisted.
Do you help with GDPR-compliant use?
Yes. snorklee is designed to support compliant use: no analytics cookie, no fingerprinting, no cross-site ID, raw IP not stored, 90-day raw event retention and 25-month aggregates. Opt-out, export, erasure, self-assessment, register and DPA are included. You remain responsible for your legal basis, visitor notice and other tools.
Can I use it in the US, Canada or Australia too?
Yes, subject to checking your context. The technical foundation is European (GDPR), without analytics cookies or cross-site ID. Supporting documents and contractual clauses exist for California (CCPA / CPRA), Canada (PIPEDA + Law 25), Australia (Privacy Act). Per-jurisdiction detail: /privacy-compliance.
Who are your sub-processors?
Main providers include Clever Cloud (hosting), DB-IP / Eris Networks (geolocation), Mollie (payments), Brevo (transactional email), an AI operated in France (aggregate summaries) and Scaleway for some public audit scans. The full list and DPA are documented in the Compliance tab of your dashboard.
What does Snorklee AI actually do?
Snorklee AI has two simple uses. Generate a period summary when you need a readout, or ask a plain-language question like “why did my traffic drop?”. The answer cites available aggregates, shows a chart when useful, and stays in the dashboard language.
How do you handle AI traffic (ChatGPT, Claude, Gemini, Perplexity)?
Two signals stay separate. Visitors sent by ChatGPT, Perplexity, Gemini, Copilot or Mistral appear as human visits from AI chats. AI indexing robots are captured separately through server, CDN or platform modules. The report shows detected agents, cited pages and the breakdown.
How big is the JavaScript tracker?
Around 2 KB once compressed. By default, the snippet loads from snorklee.com. If you enable the first-party proxy mode, it can be served from your own domain without an added external CDN. Internal discipline keeps the tracker close to that target.
How do I export or delete my data?
CSV and JSON export from the UI or via the public API, free. Deletion on request (GDPR art. 17) in one click from your site settings. Retention: 90 d raw events, 25 mo aggregates — beyond that, automatic purge.
If these principles resonate…
…you're in the right place. Start in 2 minutes, no card.