HACKER Q&A
📣 wonderfuly

How to collect usage data without violate user privacy?


When building side projects, usage data would be useful for product iteration, like which part of your product has most usage, what countries are your users from, etc. But users are also very concerned about their privacy. So how can we collect usage data without violate user privacy? What data is ok to collect? what is not? and how?

  👤 ggeorgovassilis Accepted Answer ✓
That depends on the legislation in your country (which may include international agreements to abide to other countries' data protection laws). But you should be fine with these main provisions:

Data privacy policy: offer a data privacy policy which explains which data is processed (collected, stored, processed), for which purpose and how a user can request data deletion. State clearly when data cannot be anonymised (eg. email for user login). Make sure to include 3rd party data processors (eg. google analytics).

Purpose: process only the data needed, don't process data because it might be useful in the future

Identifying data: where such data identifies a single person, anonymise it (eg. blank out the last part of the IP address)

Retention: aggregate and anonymise data as soon as possible, delete the raw data once it stops being useful