there was another question about this that i responded to in this thread. no local storage is used.

We generate a daily changing identifier using the visitor’s IP address and User Agent. To anonymize these datapoints, we run them through a hash function with a rotating salt.

hash(daily_salt + website_domain + ip_address + user_agent)

This generates a random string of letters and numbers that is used to calculate unique visitor numbers for the day. Old salts are deleted to avoid the possibility of linking visitor information from one day to the next.

See full details here: https://plausible.io/data-policy

cool thanks. sorry, still can't see the other question even after you made me aware of its existence.

here is my answer: https://news.ycombinator.com/item?id=24696768

Fingerprinting. I'm working on a competing product which is also open-source. This is how I do it: https://github.com/emvi/pirsch/blob/master/fingerprint.go

And I think that is what most privacy-focused solutions do at the moment.