Aptabase Review (2026)

Aptabase is one of two privacy-first analytics tools in this directory built ground-up for apps (alongside TelemetryDeck) — but the broadest cross-platform: 11 first-party SDKs covering Swift, Kotlin, Flutter, React Native, Tauri, Electron, .NET MAUI, NativeScript, Unity, Unreal, JavaScript. TelemetryDeck specializes in Apple platforms; Aptabase covers everything from iOS to Unreal games to Tauri desktop. Every other entry is a web-analytics product that may or may not have a side door for mobile — Aptabase is the inverse, with web as a side door.

The technical core is unusual. Every event is hashed at ingest using SHA(IP + UA + per-app salt) where the salt rotates every 24 hours. After that 24-hour window, even Aptabase itself cannot link a user across days. There are no cookies (impossible on iOS / Android anyway), no device IDs, no IDFA, no GAID, no fingerprint. App Store and Play Store privacy questionnaires can be answered "Data Not Collected" across the board — vendor publishes an Apple App Privacy guide confirming this.

The free tier is generous: 20,000 events/month, unlimited apps, both EU (Germany) and US (Virginia) regions, 5-year retention, all 11 first-party SDKs (Swift, Kotlin, Flutter, React Native, Tauri, Electron, .NET MAUI, NativeScript, Unity, Unreal, JavaScript). Self-hosting is AGPL-3.0 with a Docker Compose recipe (Postgres 15 + ClickHouse 23.8). Billing is no-overage — exceed your cap, ingest pauses, no surprise invoice.

Aptabase is event logging, not product analytics. There are no funnels, no goals, no conversion attribution, no cohort analysis, no retention curves — features that Mixpanel, Amplitude, and even OpenPanel ship as core. If you want to know what fraction of users who triggered signup_started reached signup_completed within 7 days, you'll be exporting CSVs and computing it yourself. Among directory peers, Umami ships basic funnels (v3.1+), and Swetrix bundles funnels + A/B + feature flags into its $19 plan; Aptabase does none of that.

Pricing is opaque. The pricing page is a slider widget — only the $0 free tier (20k events) and a $10/month entry tier are discoverable without signing up. No public ladder for 100k / 250k / 1M events.

The vendor publishes no formal sub-processor schedule (privacy policy lists only GitHub and Google OAuth — the AWS App Runner and Tinybird dependencies are only on record because the founder mentioned them in a Tinybird interview). No DPA URL, no encryption claims in the privacy policy, no third-party security certs. Sumbit Labs Ltd is a single-founder Irish company — small-vendor concentration risk.

Best for: native mobile and desktop app developers who want App Store-friendly analytics without IDFA, ATT prompts, or consent banners. Strong fit for indie iOS/Android apps, Tauri/Electron desktop tools, Unity/Unreal games, and React Native / Flutter projects where Firebase Analytics would force a privacy-policy footnote you'd rather not write.

Real value at $10/mo and free tier: Free covers most pre-launch and early indie apps (20k events/month is enough for a few hundred MAU at moderate event verbosity). The $10 floor takes you well into the small-product range. Self-hosting is realistic if you already operate Postgres and a ClickHouse node.

Not for: websites — for site analytics, the directory's web-first tools (Plausible, Fathom, Pirsch, Simple Analytics) are stronger. Not for product analytics — if your KPI conversation is funnel-shaped (signup → activation → paid) you'll outgrow Aptabase fast — look at OpenPanel or Mixpanel. Not for marketing attribution — there's no install-referrer pipeline and no IDFA, so paid-acquisition attribution is impossible.

Aptabase is one-init-call per platform.

iOS / Swift — add Aptabase Swift package, then in App.init():
Aptabase.shared.initialize(appKey: "A-EU-XXXXXXXX") then Aptabase.shared.trackEvent("app_launched").

Android / Kotlin — Gradle dependency on com.aptabase:aptabase-kotlin, init in Application.onCreate() with the same app-key pattern.

React Native / Flutter / .NET MAUI / Tauri — analogous init plus trackEvent(name, props) for custom events. Props are flat key-value (string / number / boolean).

Region selection: the prefix in your app key determines region — A-EU-… pins to Germany, A-US-… pins to Virginia. Pick one per app at creation; you cannot switch later.

Build modes: SDK auto-detects Debug vs Release; debug events go to a separate visualization stream so they don't pollute production stats.

Self-host: clone aptabase/aptabase, docker compose up, point the SDK at your custom host URL via the optional 'host' parameter, run behind a TLS reverse proxy.

This is migration from Firebase Analytics or Mixpanel mobile, not GA4. GA4 is web-side; Aptabase is app-side.

1. Inventory existing events. Pull your Firebase / Mixpanel event taxonomy. Aptabase events are flat name + flat property map — deeply nested Mixpanel super-properties have to be flattened.
2. Map user identity → property. Firebase has setUserId(), Mixpanel has identify(). Aptabase deliberately does not — there's no user-identity primitive. Pass the identity hash as an event property (props.user_tier, props.account_age_days), but accept you cannot stitch sessions across days for the same person.
3. Drop attribution hooks. Anything that pulled IDFA / IDFV / GAID / install referrer needs to be deleted. No equivalent in Aptabase by design.
4. Replace funnel queries with CSV export. If you used Mixpanel funnels, you'll need an external SQL/Python step on the CSV export, or move to OpenPanel/Mixpanel-paid.
5. Run dual-stack for one release. Ship Aptabase alongside Firebase for one release cycle, compare daily session counts (same order of magnitude), then remove Firebase in the next release.