Most websites track their visitors. Not in a dramatic, cinematic way – no one’s watching through the webcam. But in a quiet, pervasive way that most business owners don’t even know is happening.
If you’ve ever had a website built, or used a DIY platform, there’s a good chance your site is collecting data about your visitors and sending it to third parties – often without any real benefit to you or your business.
Privacy first approach
I do things differently. Every site I build is designed with privacy as a foundation, not an afterthought. Here’s why that matters and what it actually means.
The hidden cost of “free” tools
When something on the internet is free, you’re usually paying with data. Google Fonts, Google Analytics, Facebook pixels – these tools cost nothing to use because the companies behind them extract value in other ways.
Take Google Fonts. Millions of websites use them because they’re free, easy to implement, and look good. But every time someone visits your site, their browser makes a request to Google’s servers to load those fonts. Google now knows that person visited your site, when they visited, what device they used, and can add that to everything else they know about them.
Is that a fair trade for a nice typeface? I don’t think so.
Google Analytics is more obvious – it’s explicitly a tracking tool. But most small business owners don’t need the vast majority of what it collects. They want to know how many people visited, which pages are popular, and where traffic comes from. They don’t need Google building detailed profiles of their visitors to sell advertising.
What happens when you add a Facebook pixel
If you’ve ever been told to “add the Facebook pixel for marketing,” here’s what that actually means: every visitor to your site gets tracked by Facebook, whether they have a Facebook account or not. Their browsing behaviour feeds into Facebook’s advertising machine.
Some businesses make a conscious choice that this trade-off is worth it for their advertising strategy. But many have pixels installed without really understanding what they do, often added by a developer or agency as a matter of course.
I don’t add tracking pixels unless a client specifically requests it and understands what they’re agreeing to. It’s not my place to compromise your visitors’ privacy by default.
Plugins: the accumulating problem
WordPress is powerful because of its plugin ecosystem – there’s a plugin for almost anything. But every plugin you add is a potential privacy and security risk.
Many plugins load external scripts, connect to third-party services, or collect data you never asked for. Some are simply poorly coded and create vulnerabilities. The more plugins on a site, the more surfaces for things to go wrong.
I keep plugin use to a minimum. Every plugin on a site I build is there for a specific reason, vetted for privacy and security, and actually necessary. No bloat, no “just in case” installations, no plugin graveyards.
The alternative: privacy-respecting tools that still work
Building a privacy-focused website doesn’t mean flying blind. It means choosing tools that respect your visitors while still giving you what you need.
For analytics, I use Fathom. It tells you what you actually want to know – visitor numbers, popular pages, traffic sources – without tracking individuals, setting cookies, or sending data to advertising companies. It’s GDPR compliant by design, which means simpler cookie notices and genuine respect for your visitors.
For fonts, I self-host. The same typefaces, loaded from your own server, with no data sent to Google. Your visitors get the same visual experience without the surveillance.
For any functionality that might normally require a third-party service, I look for privacy-respecting alternatives first. They exist for almost everything – it just takes a bit more care to find and implement them.
Why this matters for your business
You might be thinking: does anyone actually care about this? My visitors probably don’t know or mind.
Maybe. But consider it from another angle.
Trust is the foundation of any business relationship. When someone visits your website, they’re giving you a small amount of trust – enough to spend a few minutes learning about what you do. If your site is quietly harvesting their data and sharing it with tech giants, you’re not honouring that trust, even if they never find out.
There’s also a practical dimension. Privacy regulations like GDPR exist because people do care, even if they’re not always aware of the specifics. Building a site that respects privacy from the start means simpler compliance, fewer cookies to consent to, and less risk of falling foul of regulations.
And increasingly, people are paying attention. Browser features that block trackers, growing awareness of data privacy, high-profile scandals about how personal data gets used – the tide is shifting. A privacy-respecting website isn’t just ethical; it’s increasingly good business sense.
Privacy as architecture
I approach privacy the same way I approach everything else in web design: as a structural decision.
You don’t add privacy at the end, like a coat of paint. You build it in from the start, choosing tools and approaches that respect your visitors by default. Every decision – which fonts to use, how to handle analytics, what plugins to install – is made with privacy as a consideration.
It’s not about paranoia or making things difficult. It’s about building something you can be proud of, that serves your business without compromising the people who visit it.
What this means at WordPressMatic
Every website I build follows these principles:
- No Google Fonts – typefaces are self-hosted
- No Google Analytics – I use Fathom for privacy-respecting analytics
- No Facebook pixels or third-party marketing trackers unless specifically requested
- Minimal plugins, each vetted for privacy and security
- No hidden scripts or unnecessary data collection
- GDPR compliance built in, not bolted on
Your visitors get a fast, clean experience. You get the insights you need without the ethical baggage. And you can tell your customers, honestly, that you respect their privacy.
That’s how it should be.