We audit green and ethical brand websites for trackers, ad pixels, and third-party leaks — then engineer a genuinely privacy-first replacement stack. Matomo instead of Google Analytics. OpenStreetMap instead of Google Maps. Self-hosted everything. No Meta Pixel. No data brokers. No compromises.
GDPR-aligned · Open-source stack · EU data residency available
of the top million websites embed Google trackers
third-party hosts loaded by a typical ethical-brand homepage
ad-tech companies can receive your visitor's data in a single page view
EU court rulings (Schrems I & II) against sending EU data to US ad platforms
If your site runs Google Analytics, Google Fonts, Google Maps, the Meta Pixel, or a typical "marketing stack," your visitors' behaviour is being broadcast to hundreds of surveillance companies you've never vetted — and on every page view. For an ethical brand, that's a values problem. In the EU, it's also a legal problem.
The Green Directory loads zero third-party trackers. No Google. No Meta. No TikTok. No ad networks. No session recorders. Every font, every icon, every script, every map tile is served from our own domain. You can open the Network tab and verify it yourself.
That's not a slogan — it's a technical claim we had to engineer for. We removed Google Fonts, replaced Google Maps with OpenStreetMap, swapped Google Analytics for self-hosted Matomo, self-hosted Font Awesome, and rewrote the theme's CDN dependencies. We know exactly what it takes because we did it to ourselves first.
If you hire us, you're not getting a generic privacy-consultant deck — you're getting engineers who've shipped a real privacy-first site on a WordPress/CMS stack and will do the same for yours.
Pick a single deliverable or a full engagement. We work with WordPress, Shopify, static sites, and most mainstream stacks.
A full network-level audit of every request your site makes. We identify every tracker, pixel, CDN, ad-tech endpoint, and data broker your visitors are being exposed to — with a written report, data-flow diagram, and prioritised remediation plan.
We replace Google Analytics with a self-hosted Matomo instance on your infrastructure — or Plausible / Fathom if you prefer a hosted European option. You keep the reports you care about; your visitors' data stops leaving your jurisdiction.
We engineer out the Meta Pixel, TikTok Pixel, LinkedIn Insight, Pinterest Tag, Google Tag Manager, session recorders, and every other surveillance embed — and replace the use-cases you actually need with privacy-respecting alternatives (server-side conversions, first-party event logs, etc.).
Google Fonts, Font Awesome CDN, jQuery from a CDN, Bootstrap from a CDN — every one of them is a leak. We migrate them to your own domain with proper caching and preload hints. "Every asset loads from our own domain" becomes a true statement, not a marketing one.
For the vast majority of "show my location" and "find nearby" use cases, OpenStreetMap + Leaflet is a complete replacement for Google Maps. We swap the backend, preserve the UX, and stop sending every map view to Google. No API keys. No per-view billing. No tracking.
If you sell into the EU, UK, or Scandinavia, the current mainstream analytics stack is arguably illegal. We review your data flows against GDPR, the Schrems II ruling, and national DPA guidance (DE, FR, AT, DK, FI, IT) — and give you a defensible, compliant architecture.
Starting from scratch or rebuilding? We build WordPress, static, or headless sites that are privacy-first on day one — self-hosted analytics, self-hosted fonts & icons, OSM mapping, no ad networks, no CDNs. Designed to stay that way.
Once your site is genuinely tracker-free, that is a story. We help you turn it into a differentiator — privacy-promise copy, trust-strip UI, modal explainers, blog content, and a public audit page visitors (and regulators) can verify.
Send us your URL. We run a live network audit and send back a one-page summary: what's loading, who it's going to, and what the quick wins are. No obligation.
If it makes sense to continue, we produce a full written audit with a data-flow map, GDPR risk scoring, and a prioritised remediation plan with effort estimates.
We execute the plan in focused sprints — analytics migration, tracker removal, self-hosting, map swap, copy & UI — with you reviewing and signing off at each stage.
Independent verification, a public privacy-promise page, and optional ongoing monitoring so new trackers don't sneak back in via plugins, tags, or marketing experiments.
Organic, zero-waste, regenerative, eco-clothing, ethical cosmetics, fair-trade, plant-based. Your customers are explicitly values-led; your site should be too.
If your impact report talks about stakeholder capitalism, your customers' data is a stakeholder concern. We make the technical stack match the governance story.
Visits to symptom checkers, baby-product sites, and wellness shops are some of the most sensitive data on the web. Ad networks don't belong anywhere near them.
Advocacy groups, charities, community platforms, and public-sector sites have an outright duty of care. We help you meet it with open-source infrastructure.
Post-Schrems II, your analytics stack is a regulatory exposure. We give you an architecture that is defensible to a DPA, not just a cookie-banner workaround.
You don't need to be a privacy extremist to want less surveillance in your business. If your customers are adults who'd prefer not to be sold, this is for you.
No. Matomo gives you visitor counts, page views, referrers, bounce rates, goals, e-commerce tracking, funnels — everything you use Google Analytics for. What you lose is Google's cross-site profile of your visitors, which wasn't yours anyway.
We don't insist you shut them off. For clients who need paid channels, we move to server-side conversion tracking that sends only explicit conversion events — not every page view — and keeps visitor browsing data out of the ad networks.
A tracker audit is 2–5 business days. A typical remediation + Matomo migration for a small/mid-sized WordPress or Shopify site is 2–4 weeks, depending on complexity. Full rebuilds are scoped individually.
Starter audit packages begin at a fixed fee; remediation is scoped after the audit. The free 30-minute scan gives you a ballpark before you commit to anything. We work with businesses of all sizes and offer NGO / small-indie rates.
Usually the opposite. Third-party scripts are the biggest performance drag on most sites. Self-hosted, HTTP/2-served assets are almost always faster than CDN-loaded trackers. Our own Lighthouse scores improved after we did this.
Yes. WordPress is our deepest specialty, but we also work with Shopify (within its limits), static sites (Astro, Eleventy, Hugo, Next.js), and custom stacks. If it has a network tab, we can audit and remediate it.
The Green Directory is operated by a small distributed team with roots in South Africa and the EU. We work remotely with clients globally and can host your infrastructure in the EU, UK, South Africa, or your preferred jurisdiction.
Send us your URL. Within a couple of business days you'll have a free one-page summary of every tracker, pixel, and third-party leak your visitors are being exposed to — and whether there's a meaningful project here for us to do together.
Or read the full background article: Why we don't track you: how the green web gets its data back
Most "eco" sites still quietly ship your data to Google, Meta, TikTok, and hundreds of ad brokers. We don't.
The Green Directory loads:
Analytics are handled by a self-hosted Matomo instance on our own server — your data never leaves.