Skip to content
Independently verified · Quarterly re-audit
EU VETTED

Trackboxx

VERIFIED
Web analytics · Germany

German sole-proprietor cookieless analytics, B2B-only, with daily-rotating anonymisation and BunnyCDN script delivery.

In short

Trackboxx, in the Web analytics category, is a European service with Germany as its hosting location and at most minor, transient US exposure under the CLOUD Act.

Assessment notes

German sole-proprietor analytics product (Christian Pust, Halberstadt) with cookieless tracking, daily-rotating anonymisation, and named sub-processors disclosed in the privacy policy. EU-owned but the hosting provider for customer analytics data at rest is not publicly disclosed, the Imprint omits HRB/VAT details, no formal DPA artefact is published, and AWS Simple Email Service (US-owned) is used for newsletter email, resulting in minor CLOUD Act exposure.

CLOUD ACT
OWNERSHIP
SUB-PROCS
3 · 0 US
Verified signals
Jurisdiction
  • EU / adequacy hosting
  • EU / adequacy operator
  • No US CLOUD Act exposure
Transparency
  • Public DPA
  • Sub-processors disclosed
  • Open-source clients
  • Third-party certification
JUMP TO
OVERVIEW

About Trackboxx

Trackboxx is a small German cookieless web analytics product operated by Christian Pust as a sole proprietorship (Humboldtstraße 9, 38820 Halberstadt; branch office at Dorfstr. 12, 22956 Grönwohld). The service is sold strictly business-to-business, the imprint explicitly states that "Unser Service richtet sich ausschließlich an Unternehmer" (our service is directed exclusively at commercial customers). Co-founders Christian and Ulrike split development, strategy, marketing, and social media duties.

The product runs cookieless analytics with rotating daily encryption codes for visitor anonymisation, marketing itself as "100% DSGVO-konform" with the Bitmi (Bundesverband IT-Mittelstand) member badge. The privacy policy is unusually transparent for a small vendor: the named sub-processors are Paddle (UK, payments / merchant of record), Amazon Web Services (Amazon Simple Email Service for newsletter delivery, the only US-owned sub-processor), Userlike (DE, chat), BunnyCDN (SI, script delivery), and TradeTracker (NL, affiliate tracking). What it does not disclose is the underlying hosting provider or data-centre location for the customer analytics database itself, which is the main gap for procurement-grade buyers.

Pricing was not captured at audit (the public /pricing and /preise paths returned 404) and a formal DPA artefact is not linked; the imprint also omits a Handelsregister number and USt-IdNr, which is consistent with a sole-proprietor (Einzelunternehmen) structure but unusual for a vendor courting business buyers. Best fit: small German-speaking SMBs and e-commerce shops that want a low-friction Google Analytics replacement, accept a sole-proprietor counter-party, and don't need a contract-grade DPA. Procurement-led buyers should choose Pirsch, Plausible, or Wide Angle Analytics in this category instead.

SUB-PROCESSORS

Sub-processor map · 3

Source ↗
  • BunnyWay d.o.o. EU
    Slovenia

    CDN services (BunnyCDN)

  • Paddle.com Market Ltd. non-US
    United Kingdom

    Payment processing

  • TK ENTERPRISES LTD EU
    Cyprus

    Hosting / IT-server infrastructure (datacenter Frankfurt, Germany)

Zero US-incorporated sub-processors.
CERTIFICATIONS

Frameworks & certifications · none listed

We checked the vendor's website and standard certification body registries. No active certifications found at the time of last audit (2026-05-10).
FEATURES

Capability matrix

Cookieless Yes
Self-hostable No
Custom events Yes
Funnels Yes
Session replay No
GA import No
Stats API No
INTEGRATION & ACCESS
REST API No
SSO (SAML / OIDC) No
COMPLIANCE & GOVERNANCE
Audit log No
Self-host / on-prem option No
PRICING

Pricing & tiers

PAID
Custom pricing

Contact vendor for tier or volume pricing.

View pricing page ↗
PUBLIC DOCUMENTS

Public documents

  • Data Processing Addendum (DPA)
    trackboxx.com/daten…
    Open ↗
  • Sub-processors list
    www.trackboxx.com/datenschutz…
    Open ↗
  • Terms of Service
    www.trackboxx.com/agb…
    Open ↗
ALTERNATIVES

Alternatives in this category

GoatCounter
Ireland · Founded 2019
EU-SOVEREIGN

Solo-developer open-source web analytics on Hetzner DE/FI; no IP storage, no trackers, free for personal use, MIT-style source on GitHub.

Public DPA Sub-processors Open source
FROM
CLOUD ACT
NONE
Matomo
New Zealand · Founded 2007
EU-HOSTED

Open-source web analytics (NZ-incorporated InnoCraft) with EU-hosted Matomo Cloud on AWS and full self-hosted option.

Public DPA Sub-processors Open source
FROM
€29/mo
CLOUD ACT
MATERIAL
Pirsch Analytics
Germany · Founded 2020
EU-SOVEREIGN

German cookieless server-side web analytics on Hetzner Gunzenhausen with bilingual public DPA and Schrems II-aligned posture.

Public DPA Sub-processors Open source
FROM
€6/mo
CLOUD ACT
NONE