Plausible
Privacy-first website analytics — cookie-free, GDPR compliant, read-only.
Why founders connect Plausible
Plausible users tend to value privacy and simplicity — which is exactly what Fold adds on top. Instead of opening Plausible every day to check if traffic moved, Fold surfaces your visitor count alongside revenue and email metrics, making it easy to see if a traffic spike actually meant anything.
How your data flows
From Plausible to your Fold dashboard
This is the exact sequence every time Fold runs its daily sync. Nothing runs outside this pipeline.
Plausible API
Encrypted API key
Your API key is stored encrypted (AES-256) in our database. It is sent only to Plausible's API over TLS 1.3 and never logged.
Read-only API requests
6 HTTP GET calls per sync
Fold makes 6 read-only requests to Plausible's API — the exact endpoints are documented in the section below. No write requests are ever made.
Filter & aggregate
Personal data stripped before storage
The raw API response is processed in memory. Only aggregate numbers (totals, counts, rates) are extracted. Any field containing personal information — names, emails, IDs — is discarded and never written to disk.
Stored in your account
AES-256 at rest · row-level isolation
The filtered snapshot is written to your isolated tenant in our database, encrypted at rest. Row-level security ensures no other Fold user can read your data — not even via a misconfigured query.
Shown in your dashboard
Overview · Analytics · AI Digest
The stored aggregate numbers surface across your Fold dashboard — the Overview tile, Analytics tab charts, and the AI-generated daily digest. No raw data from the API is ever returned to the frontend.
Step 1 — How you connect
The exact connection flow
Here is precisely what happens when you connect Plausible to Fold, step by step.
- 1Go to your Plausible dashboard → Settings → API Keys.
- 2Create a new API key — name it "Fold Analytics".
- 3Copy the key and paste it into Fold's Settings tab, along with your Plausible site domain.
- 4Fold validates the key and performs an initial sync.
- 5Delete the key from Plausible at any time to immediately revoke access.
Step 2 — Permissions we request
Exactly what access Fold asks for
We request the minimum permissions needed. No more.
- Stats API key — read-only access to your site's aggregated analytics data.
- Fold does not request access to your Plausible account settings, billing or other sites.
Step 3 — API calls Fold makes
Every request we send to Plausible
These are the exact API endpoints Fold calls during each sync, and why.
GET /api/v1/stats/aggregate
Total visitors, pageviews, bounce rate and visit duration.
GET /api/v1/stats/breakdown?property=visit:source
Traffic source breakdown (organic, direct, referral, social).
GET /api/v1/stats/breakdown?property=visit:page
Top pages by visitors.
GET /api/v1/stats/breakdown?property=visit:device
Desktop vs mobile vs tablet split.
GET /api/v1/stats/breakdown?property=visit:country
Top countries by visitors.
GET /api/v1/stats/timeseries
Daily visitor trend for the sparkline chart.
API impact: Fold makes 6 Stats API requests per sync. Plausible's API has a generous limit and our usage — a handful of aggregate calls per day — is negligible.
What we store
Exactly what lands in our database
Every field we persist — with a real example and the reason it exists. Nothing more is stored.
| Field | Example value | Why we store it |
|---|---|---|
| Unique visitors (period) | 4,200 visitors | Traffic KPI tile. |
| Total pageviews | 12,800 pageviews | Volume metric. |
| Bounce rate | 38% | Traffic quality metric. |
| Average visit duration | 2m 14s | Engagement metric. |
| Traffic by source | Google: 1,800 / Direct: 900 | Channel attribution chart. |
| Top 10 pages by visitors | /pricing: 620 visitors | Content performance widget. |
| Device split | Desktop: 58%, Mobile: 39% | Device breakdown chart. |
What a daily sync actually stores
One day's record — verbatim
This is a real-looking example of the row Fold writes to your account after a single sync. Every field, every value — nothing hidden.
{
"date": "2025-04-23",
"visitors": "4200",
"pageviews": "12800",
"bounce_rate": "0.38",
"visit_duration": "134",
}
No customer names. No emails. No transaction IDs. Just numbers.
What we never store
Data Fold never touches
These fields are explicitly excluded. Even if the Plausible API returns them, Fold ignores and discards them before any storage step.
- Any individual visitor data — Plausible itself doesn't collect it
- IP addresses (Plausible doesn't log them; neither does Fold)
- Cookies or tracking identifiers
- Individual session logs
- Your Plausible account email or billing information
What Fold never does
Hard limits — enforced at the API level
These aren't just policies — they're technically impossible given the permissions we request. Plausible's own API enforces them.
- Modify your Plausible site settings or goals
- Access other sites in your Plausible account
- Add tracking scripts to your website
- Share your analytics data with any third party
- Use your data to train AI models
Privacy note — Plausible specific
Plausible is a privacy-first analytics platform that does not use cookies and does not collect any personally identifiable information. Since Plausible doesn't have individual visitor data, Fold cannot access it either — the privacy guarantee is built into the platform itself.
Data retention
How long we keep it
Synced metrics are retained while your Fold account is active and purged within 24 hours of disconnecting or account deletion.
Refresh frequency
How often we sync
Automatic sync every 24 hours. Manual refresh available from Settings.
How to revoke access
You are always in control
You can disconnect Plausible from Fold at any time — from either side. Both options immediately stop all data access.
From Fold
Settings → Plausible → Disconnect. All synced Plausible data is deleted immediately.
From Plausible directly
Plausible Dashboard → Settings → API Keys → Delete the Fold Analytics key.
Open Plausible settingsSecurity standards
How your credentials are protected
AES-256 encryption at rest
Your API key is encrypted with AES-256 before being written to our database. It is never stored, logged, or returned in plaintext.
TLS 1.3 in transit
All API calls from Fold to Plausible use TLS 1.3. Your credentials cannot be intercepted in transit.
Read-only enforcement
Plausible's own API enforces the read-only permissions server-side. Even if Fold's code had a bug, the platform would reject any write request.
Row-level security
Your synced data is isolated in our database with row-level security. No other Fold user can query your data.
FAQ
Questions about the Plausible integration
Plausible is already privacy-first. Does Fold change that?
No. Fold only reads the same aggregated statistics you see in your Plausible dashboard. Since Plausible never collects individual user data, there is none for Fold to access.
Does connecting Fold add any tracking to my website?
No. Fold reads your Plausible data via API. We add nothing to your website — no scripts, no pixels, no cookies.
I have multiple Plausible sites. Which does Fold sync?
When you connect, you enter the specific site domain you want to sync. You can update this from Settings at any time.
Other live integrations
See how other connections work
Ready to connect Plausible?
Start your free trial — no credit card
7 days full access. Connect Plausible and every other live integration. Cancel anytime. Your data deleted on request, immediately.