GoatCounter claims to be GDPR compliant, but also says it collects:
URL of the visited page.
Referer header.
User-Agent header.
Screen size.
Country name based on IP address.
A hash of the IP address, User-Agent, and random number
As such, it seems to be processing user data that could be linked to an individual person.
I'd be cautious about the claim that GoatCounter is totally GDPR compliant (without a consent notice). You're safe, for now, on the basis that this doesn't seem likely to be tested in law.
It's tricky writing these kind of things haha. You can actually disable data collection for a number of parameters: disable "User-Agents" for example and they will never be stored to disk. I should probably update a few of these pages.
URL of the visited page. Referer header. User-Agent header. Screen size. Country name based on IP address. A hash of the IP address, User-Agent, and random number
As such, it seems to be processing user data that could be linked to an individual person.
I'd be cautious about the claim that GoatCounter is totally GDPR compliant (without a consent notice). You're safe, for now, on the basis that this doesn't seem likely to be tested in law.