We Care About Your Privacy — No, Really



In a world of security theater and corporate doublespeak, “we care about your privacy” is often just a tagline. Still, I’m hopeful that respecting customers’ privacy can be part of a viable business strategy, creating user trust and even driving sales.

I’m inspired by clients who are building privacy-friendly apps, and as a fan of digital minimalism, I’ve been experimenting with collecting as little data as possible on this site. Here’s what I’ve learned so far.

Why Privacy Can Be Practical (and Profitable)

Some founders assume that the only way to grow is to grab every byte of visitor and customer data. For years now, massive databases have been a popular way to optimize funnels and attract investors – and now, train homegrown LLMs. But there are a few reasons not to rely on data collection as your company’s main growth strategy:

  • Data can be a liability, not just an asset. Every data point you accumulate means more obligations around storage and security, and more risk of data breaches. Minimizing unnecessary data collection simplifies your compliance burden under privacy laws like GDPR and CCPA/CPRA, not to mention various new and pending state laws.

  • Customers are increasingly privacy-aware. If you want to sell to a large corporate customer, especially one with a global presence, be prepared for a detailed review of your privacy practices. Keeping your products and services privacy-friendly will let you get through this process faster. B2B SaaS vendors, creators of development tools, and owners of consulting companies can all benefit from this approach.

  • Privacy-friendliness can streamline your product and your operations. By avoiding unnecessary trackers, you reduce the need for cookie pop-ups and convoluted terms of use.

What SparkandSterling.com Does, and Doesn’t, Do

This site doesn’t collect personal data of any kind, unless it’s sent through the Contact Us form. There’s also no IP tracking, no session recording or heat mapping, and no Facebook or Google tracking pixels.

The site uses Plausible.io for analytics, which is a privacy-friendly alternative to Google Analytics. Plausible.io lists the most-viewed pages, which sites or search engines referred visitors, and average length of time per visit.

I wanted to see if these steps actually made Spark + Sterling more privacy-friendly in practice. Using The Markup’s Blacklight privacy inspection tool, I tested sparkandsterling.com. The results were:

  • No third-party cookies
  • No ad trackers
  • No Facebook or Google tracking
  • No keylogging or session recording scripts

By contrast, popular sites like LinkedIn and TikTok loaded multiple trackers and cookies, some explicitly designed to bypass ad blockers. TikTok even captured keystrokes made before a user posted. (That political rant you toned down before posting? The uncensored first draft may live on in a company’s private cloud.)

I also cross-checked with Termly.io and Cookieserve.com to scan for cookies. Spark + Sterling uses only one cookie, to enable emoji support 🤷🏼‍♀️. By comparison, LinkedIn served up either 16 or 22 cookies, depending on which of these scanning services you use. TikTok’s browser version had either 31 or a whopping 55, many with unclear or purely advertising-related functions.

Am I Missing Out By Not Tracking Everything?

Could I squeeze out some interesting information by monitoring every click and scroll? Maybe, but I’d pay for it with additional complexity and compliance burdens. Right now, I don’t need granular tracking to operate effectively.

Of course, this could be very different for an online store or an ad-driven content platform. These types of companies may truly need more tracking in order to support B2C sales or compete with larger ad-funded ventures. But many B2B SaaS founders, IT security consultants, and boutique dev shops can significantly reduce tracking without harming growth.

Practical Steps for Founders Who Want to Be Privacy-Friendly

If you want to take a privacy-forward approach, consider:

  1. Adopting Privacy-by-Design: From the earliest days of creating your product or service, think about how to minimize data collection. Assume you’ll collect none, or the bare minimum, then demand a business justification and clear ROI for each data point you gather. Avoid collecting sensitive data unless your site or app can’t function without it.
  2. Choosing privacy-friendly analytics: Evaluate Plausible.io, Fathom, or Matomo as alternatives to Google Analytics. Look for options that respect Do Not Track signals, anonymize IP addresses, and don’t use cookies.
  3. Reviewing what your website is actually doing: To ensure that your site matches your privacy strategy, use The Markup’s Blacklight or similar scanners regularly.
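
A quick spot-check for step 3 between full scans, as an added example that is not from the original post or from any of the tools it names: it lists every third-party host a saved page loads scripts, images or iframes from, and flags the ones on a short tracker list. The function names, the tracker list and the sample markup are assumptions made for illustration. A static parse does not see resources that scripts inject at runtime, so it complements a browser-based scanner rather than replacing it.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Illustrative, incomplete list of hosts behind the trackers the post mentions.
KNOWN_TRACKER_HOSTS = {
    "connect.facebook.net",
    "www.facebook.com",
    "www.google-analytics.com",
    "www.googletagmanager.com",
}

class _ResourceCollector(HTMLParser):
    """Collect URLs the browser fetches for scripts, images and iframes."""
    URL_ATTRS = {"script": "src", "img": "src", "iframe": "src"}

    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        wanted = self.URL_ATTRS.get(tag)  # None for tags we do not audit
        for name, value in attrs:
            if name == wanted and value:
                self.urls.append(value)

def audit_page(html, first_party_host):
    """Return (third_party_hosts, flagged_tracker_hosts) as sorted lists."""
    collector = _ResourceCollector()
    collector.feed(html)
    third_party = set()
    for url in collector.urls:
        host = urlparse(url).hostname  # None for relative URLs
        if host and host != first_party_host \
                and not host.endswith("." + first_party_host):
            third_party.add(host)
    return sorted(third_party), sorted(third_party & KNOWN_TRACKER_HOSTS)

# Constructed sample page, not the real site's markup.
SAMPLE_HTML = """
<html><head>
<script defer src="https://plausible.io/js/script.js"></script>
<script src="https://connect.facebook.net/en_US/fbevents.js"></script>
</head><body>
<img src="https://cdn.example.com/logo.png">
<img src="https://www.facebook.com/tr?id=0" height="1" width="1">
</body></html>
"""

if __name__ == "__main__":
    print(audit_page(SAMPLE_HTML, "example.com"))
```

Every host in the first list is one you should be able to justify, whether or not it appears on a tracker list.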

Most of all, make sure your privacy decisions are intentional, and not a copy-paste of some other company’s strategy. Fear of missing out on revenue or new tech leads many founders to believe that they must run invasive ads and personalized tracking. Try out some privacy-friendly solutions and you might be pleasantly surprised.

Can Privacy Really Be a Competitive Advantage?

The phrase “privacy can be a competitive advantage” can sound naive coming from compliance teams, but there’s some truth in it. Being privacy-friendly differentiates you from competitors who bombard users with intrusive pop-ups. This approach reduces friction during enterprise security reviews or when pitching to security-conscious investors. And it can make your business simpler and cleaner to run, reducing your reliance on complex tech stacks and reactive compliance measures.

Privacy doesn’t need to be a drag on your profits. Done thoughtfully, it can align with your vision and build trust with the communities you serve.

If you’d like to design a privacy-forward approach for your business, contact us here to get started.