Privacy

Zero Cookies: Building SpeyBooks Without Tracking

No Google Analytics. No tracking pixels. No cookie banner. Here's the technical architecture behind SpeyBooks' zero-tracking approach.

William Murray · 17 February 2026 · 4 min read
Figure: SpeyBooks privacy architecture, showing crossed-out trackers on the left and the minimal essential cookies and self-hosted analytics on the right.

Open most SaaS products and count the requests. A typical accounting platform loads Google Analytics, Google Tag Manager, Facebook Pixel, Hotjar, Intercom, and half a dozen retargeting scripts before your first click. Your financial data sits on servers alongside session recordings and behavioural profiles.

SpeyBooks loads none of that. Zero tracking cookies. Zero third-party scripts. No cookie consent banner, because there’s nothing to consent to.

This isn’t a marketing position we adopted after the fact. It’s an architectural decision made on day one.

What We Actually Use

SpeyBooks sets exactly two cookies, both essential for the application to function:

| Cookie | Purpose | Lifetime |
| --- | --- | --- |
| sb_session | Keeps you logged in | Session (deleted when browser closes) |
| sb_csrf | Prevents cross-site request forgery | Session |

That’s it. Both are session-scoped — they disappear when you close the browser. Neither tracks anything. Neither is shared with third parties.
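
One way to keep that claim checkable, as an added example rather than SpeyBooks' own code: a check that takes the Set-Cookie headers from a response and reports any cookie outside the two named above, or any that would outlive the browser session. The sample headers and their attributes are constructed.

```javascript
// Added example: audit Set-Cookie headers against the two-cookie allowlist.
const ESSENTIAL_COOKIES = new Set(['sb_session', 'sb_csrf']);

function parseSetCookie(header) {
  const [pair, ...attrs] = header.split(';').map((s) => s.trim());
  const eq = pair.indexOf('=');
  const name = eq === -1 ? pair : pair.slice(0, eq);
  // Attribute names are case-insensitive, so normalise them to lower case.
  const attributes = new Map(attrs.filter(Boolean).map((attr) => {
    const i = attr.indexOf('=');
    return i === -1 ? [attr.toLowerCase(), ''] : [attr.slice(0, i).toLowerCase(), attr.slice(i + 1)];
  }));
  return { name, attributes };
}

function isPersistent(attributes, now) {
  // Max-Age takes precedence over Expires; a non-positive Max-Age or a
  // past Expires date deletes the cookie (e.g. on logout) and is not flagged.
  if (attributes.has('max-age')) return Number(attributes.get('max-age')) > 0;
  if (attributes.has('expires')) return Date.parse(attributes.get('expires')) > now;
  return false; // neither attribute: the cookie is session-scoped
}

function auditCookies(setCookieHeaders, now = Date.now()) {
  const findings = [];
  for (const header of setCookieHeaders) {
    const { name, attributes } = parseSetCookie(header);
    if (!ESSENTIAL_COOKIES.has(name)) findings.push(`${name}: not an essential cookie`);
    if (isPersistent(attributes, now)) findings.push(`${name}: persistent, not session-scoped`);
  }
  return findings;
}

// Constructed sample headers; values and attributes are illustrative.
const SAMPLE_HEADERS = [
  'sb_session=abc123; Path=/; Secure; HttpOnly; SameSite=Strict',
  'sb_csrf=def456; Path=/; Secure; SameSite=Strict',
  '_ga=GA1.1.1234; Max-Age=63072000; Path=/',
  'sb_session=abc123; Expires=Wed, 01 Jan 2031 00:00:00 GMT; Path=/',
  'sb_session=; Max-Age=0; Path=/', // logout clearing the cookie
];

console.log(auditCookies(SAMPLE_HEADERS));
```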

Under UK PECR (the Privacy and Electronic Communications Regulations), essential cookies don’t require consent. If a cookie is strictly necessary for the service the user requested, you don’t need a banner. So we don’t have one.

No dark patterns. No “reject all” button hidden behind three clicks. No cookie wall. The best cookie banner is no cookie banner.

Analytics Without Tracking

We still need to understand how people use the site. We use Umami — a self-hosted, open-source analytics platform.

What Umami gives us: page views, referral sources, country-level location, device type, and browser. Aggregate data only. No individual user tracking.

What Umami doesn’t do: set cookies, store IP addresses, track users across sites, build behavioural profiles, or share data with anyone.

The Umami instance runs on our own infrastructure. No data leaves our servers. If you have Do Not Track enabled, Umami respects it.

This gives us everything we need to understand traffic patterns and improve the product, without knowing or caring who you are individually.

What We Deliberately Don’t Run

This is the list of tools we evaluated and chose not to use:

Google Analytics — sends your users’ behaviour data to Google. Even GA4 with anonymisation still transmits data to Google’s servers, where it’s subject to US data access laws.

Session recording tools (Hotjar, FullStory, LogRocket) — record mouse movements, clicks, and form interactions. Some capture keystroke data. For an accounting platform, that means potentially recording financial information in a third-party system.

Retargeting pixels (Facebook, LinkedIn, Google Ads) — follow your users across the web after they visit your site. We decided that if someone looks at accounting software, they shouldn’t see adverts for it on every website they visit for the next month.

Intercom / live chat — most chat widgets inject significant JavaScript and set tracking cookies. We use a contact form instead.

CDN-served fonts — Google Fonts sends requests to Google on every page load, revealing your users’ browsing patterns. We self-host our fonts.

The Technical Architecture

The privacy stance is enforced at the infrastructure level, not by policy alone:

Content Security Policy (CSP):
  default-src 'self';
  script-src 'self' umami.speybooks.com;
  connect-src 'self' api.speybooks.com umami.speybooks.com;
  img-src 'self';
  font-src 'self';
  style-src 'self' 'unsafe-inline';

The Content Security Policy header whitelists exactly which origins the browser is allowed to load scripts, styles, images and fonts from, and which it may connect to. If someone were to inject a third-party script, the browser would refuse to load it. The CSP acts as a technical guarantee, not just a promise.
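
The effect of that policy on individual requests, as an added example (not SpeyBooks' own code): a small evaluator that parses the header quoted above and reports which constructed sample requests a browser would refuse. The page origin https://speybooks.com and the request paths are assumptions, and host matching is simplified to the source forms this policy uses.

```javascript
// Evaluates request URLs against the CSP quoted in the article (added example).
// Handles only the source forms that policy uses: 'self', keywords, bare hosts.
const POLICY = "default-src 'self'; script-src 'self' umami.speybooks.com; " +
  "connect-src 'self' api.speybooks.com umami.speybooks.com; img-src 'self'; " +
  "font-src 'self'; style-src 'self' 'unsafe-inline';";
const PAGE_ORIGIN = 'https://speybooks.com'; // assumption: serving origin

function parsePolicy(header) {
  const directives = new Map();
  for (const part of header.split(';')) {
    const [name, ...sources] = part.trim().toLowerCase().split(/\s+/);
    // A repeated directive is ignored; the first occurrence wins.
    if (name && !directives.has(name)) directives.set(name, sources);
  }
  return directives;
}

// Fetch directives (script-src, img-src, ...) fall back to default-src.
// form-action, base-uri and frame-ancestors do not, so they must be set explicitly.
function isAllowed(directives, directive, url, pageOrigin = PAGE_ORIGIN) {
  const sources = directives.get(directive) ?? directives.get('default-src');
  if (!sources) return true; // nothing restricts this resource type
  const target = new URL(url);
  const page = new URL(pageOrigin);
  return sources.some((src) => {
    if (src === "'self'") return target.origin === page.origin;
    if (src.startsWith("'")) return false; // 'none', 'unsafe-inline' never match a URL
    // Bare host: same host, default port, and the page's scheme (simplified).
    return target.hostname === src && target.port === '' && target.protocol === page.protocol;
  });
}

// Constructed sample requests; paths are illustrative.
const SAMPLE_REQUESTS = [
  ['script-src', 'https://umami.speybooks.com/script.js'],
  ['script-src', 'https://www.googletagmanager.com/gtm.js'],
  ['connect-src', 'https://api.speybooks.com/v1/invoices'],
  ['font-src', 'https://fonts.gstatic.com/s/inter.woff2'],
  ['img-src', 'https://www.facebook.com/tr'],
  ['media-src', 'https://cdn.example/video.mp4'], // no media-src: default-src applies
];

function blockedRequests(requests = SAMPLE_REQUESTS, header = POLICY) {
  const directives = parsePolicy(header);
  return requests.filter(([d, url]) => !isAllowed(directives, d, url)).map(([, url]) => url);
}

console.log(blockedRequests());
```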

Data residency: all data is stored in the UK on GCP’s europe-west2 region. Sub-processors are documented publicly at speybooks.com/sub-processors.

Authentication: JWT tokens with proper expiry and CSRF protection. Passwords hashed with Argon2. No third-party auth providers — your credentials never leave our infrastructure.

Why This Matters for Financial Data

Your accounting records are some of the most sensitive data you have. They reveal your revenue, your clients, your expenses, your tax position, and your cash flow. They’re protected under GDPR as personal data when they relate to individuals.

Most accounting platforms treat privacy as a compliance checkbox. Tick the GDPR boxes, add a cookie banner, publish a privacy policy, and move on.

We think that’s backwards. If your accounting software is loading tracking scripts from a dozen third-party companies, those companies are processing your data too. Every third party is an additional surface area for breaches, subpoenas, and policy changes.

The simplest way to protect data is to not collect it in the first place.

The Business Trade-Off

The honest trade-off: we have less data than competitors. We can’t build detailed user profiles. We can’t do behavioural retargeting. We can’t tell you which specific user visited the pricing page three times before signing up.

What we can tell you: how many people visit the site, which pages they look at, and where they come from. That’s enough to make good product decisions.

We believe the trust we build by not tracking is worth more than the conversion data we lose. Especially when your target audience is developers — a group that runs ad blockers, reads privacy policies, and checks network requests.

Key Takeaways
  • SpeyBooks sets exactly two cookies — both session-scoped and essential
  • No cookie banner needed because there are no non-essential cookies (UK PECR)
  • Umami provides aggregate analytics without cookies, IP storage, or cross-site tracking
  • Content Security Policy enforces the privacy stance at the browser level
  • All data stored in the UK (GCP europe-west2) with sub-processors publicly documented
