GitHub Repository

Privacy-first mobile analytics. Self-hosted, session-based, 5-field storage. No personal data retained.

39 starsPython

Respectlytics – Open-source, privacy-first mobile analytics (MIT+AGPL)

Name: Respectlytics – Open-source, privacy-first mobile analytics (MIT+AGPL)
Availability: InStock
Author: cesncn

by cesncn·Feb 15, 2026·26 points·2 comments

Visit Project View on HN

AI Analysis

●●SolidBig BrainNiche GemSolve My Problem

Privacy analytics via data minimization, but Plausible, Fathom already own this niche.

Strengths

•Return of Avoidance philosophy genuinely minimizes what exists to protect—transparent by design.
•Open-source + self-hosted means verifiable compliance claims, not vendor trust required.
•Five-field constraint forces deliberate thinking about what analytics actually need.

Weaknesses

•Very early (2 days old, 2 stars, single commit)—production readiness unclear, no track record.
•Privacy analytics market already has established players (Plausible, Fathom)—needs differentiation beyond philosophy.

Post Description

Hey HN — I built Respectlytics because I was frustrated that every mobile analytics SDK quietly collects device IDs, ad identifiers, and IP addresses, then makes you retroactively figure out compliance.

There are some solutions out there claiming that they are compliant with certain privacy regulations but when I dig into it, I observe that they actually are not that compliant as they claim to be. I believe Respectlytics is one of the most (if not the most) privacy focused mobile analytics solutions out there but compliance is a huge topic and I leave the decision to the legal teams/advisors of users/companies.

Instead of the "trust me bro" motto, I decided to make Respectlytics totally open-source so that people do not need to trust my word, they can verify it in the code itself.

The idea of Respectlytics builds upon Return of Avoidance (ROA) which relies on data minimization in analytics data collection: What if you just... didn't collect that data in the first place?

Respectlytics stores exactly 5 fields per event: event_name, session_id, timestamp, platform, and country. That's it. IP addresses are used transiently for country lookup and immediately discarded. Session IDs rotate latest every 2 hours (or every app start) and live only in RAM — never written to disk. Multi-session tracking is architecturally disabled.

What's open source:

4 mobile SDKs (Swift, Flutter, React Native, Kotlin) — MIT licensed Analytics server (Django + PostgreSQL) — AGPL-3.0 Self-hosting is simple: docker compose up -d. No ClickHouse, no Kafka, no Redis. Just PostgreSQL.

There's also a managed SaaS if people don't want to run infrastructure, but the self-hosted Community Edition has no artificial limits.

I'd love feedback on the architecture decisions — especially the choice to reject extra fields at the API level rather than just ignoring them silently.

Similar Projects

Open Source●Mid

Visage, privacy-friendly web analytics for self-hosters

Yet another privacy analytics tool—Plausible and Umami already own this space.

Cozy

jessym

111mo ago

SaaS●●Solid

Pure Metrics – Privacy-first web analytics, <1KB script

The pitch is concrete: a sub‑1KB tracker, no cookies and an installable PWA dashboard with realtime events and revenue tracking. Using edge/HTTP headers for country-level geo is a neat, privacy-safe trick, but this sits squarely in a crowded field (Plausible, Fathom, Umami) so the differentiator feels incremental unless there’s deeper evidence on accuracy, bot filtering and retention policies. Nice product polish and sensible feature set — useful if you want low-overhead, privacy-first metrics without hosting your own stack.

Solve My ProblemSlick

AdriByte-Studio

104mo ago

Developer Tools●●Solid