How UK indie hackers build a SaaS analytics stack under GBP 50 a month in 2026

Open any "best SaaS analytics stack 2026" post and you will count three things in sixty seconds: dollar prices, a US cookie banner screenshot, and a confident recommendation to "just use GA4". None of that helps you if you are a UK builder shipping a side project from a kitchen table in Sheffield. The pricing is wrong, the compliance lens is wrong, and the defaults are the ones most likely to get you a polite but unambiguous letter from the ICO.

The other thing UK indie hackers keep getting wrong in 2026 is the Data (Use and Access) Act 2025. The DUA Act carved out a narrow exemption for first-party, site-improvement analytics that are properly anonymised. Read the Act and you will see a real opportunity to ditch the cookie banner. Read the LinkedIn posts about the Act and you will see people claiming it "ends cookie banners in the UK". Both of those are wrong in different directions, and the difference is worth real money.

Why GBP 50 a month is the right ceiling

If you are between GBP 0 and GBP 1K MRR, the ceiling for your entire analytics stack -- not one tool, the whole lot -- is GBP 50 a month. Any more than that and you are spending 5% of revenue on instrumentation at GBP 1K MRR. That is a tax you do not need to pay while you are still figuring out whether the thing works.

The numbers that follow are public list prices as of April 2026. All prices are in GBP where the vendor prices in GBP; where they price in USD, I have converted at 0.78 GBP to the USD and rounded up so you are not caught short on the invoice. Add 20% VAT on top for anything you buy from a UK-registered supplier if you are VAT-registered (more on that in the gotchas section).

• Below GBP 1K MRR: GBP 5 to GBP 20 a month is plenty.
• GBP 1K to GBP 5K MRR: GBP 20 to GBP 40 a month is the sweet spot.
• Above GBP 5K MRR: you have earned the right to spend up to GBP 50 and still be under the ceiling. After that the conversation changes and you should probably be reading a different blog.

The five metrics you actually need

Ignore dashboards that show you 47 metrics. At GBP 0 to GBP 1K MRR you need five:

1. Page views on your three most important pages (landing, pricing, signup). Anything more granular is noise.
2. Signup conversion rate from landing to account created. One funnel, two steps.
3. Activation rate -- the percentage of new signups who hit the core "aha" event within 24 hours. Define that event yourself. For a writing tool it might be "saved first document". For a billing app it might be "connected first invoice".
4. Churn at 7, 30 and 90 days. Free trials obscure this, so measure from first paid day.
5. LTV -- average revenue per paid user multiplied by average paid lifetime in months. Back-of-envelope is fine; you are not running a hedge fund.

Everything else is a distraction until you are past GBP 5K MRR. The tools below are chosen to make those five numbers easy to read, not to give you 400 charts to ignore.

The UK-first tool shortlist

Tool	Price (GBP/mo)	Cookieless	DUA-exempt by default	VAT on invoice	Best for
Plausible Growth	9	Yes	Yes, if first-party configured	Yes, 20% for UK VAT-registered	Page views, referrers, conversions
PostHog Free	0 (up to 1M events/mo)	Optional	Yes, if anonymised	Yes on paid tier	Product analytics, feature flags, funnels
Umami self-host	0 to 5 (hosting only)	Yes	Yes	Hosting VAT only	Cheapest compliant option
Vercel Analytics	0 (built in to Pro plan)	Yes	Yes	Part of Vercel invoice	Next.js apps already on Vercel
GA4	0	No	No (by default)	N/A	Do not default to this

Plausible -- GBP 9/mo, cookieless, the safe default

Plausible's Growth plan is GBP 9 a month for up to 10K monthly page views. It is cookieless, first-party, open-source, and hosted in the EU (Germany). For a UK indie hacker it is the single easiest way to be DUA-compliant without thinking about it. The dashboard is boring in the best possible way: page views, referrers, UTM campaigns, and conversion goals. You will not get session replays or heatmaps. You do not need them yet.

One wrinkle: to keep the DUA exemption watertight you should run Plausible as a first-party subdomain proxy (for example stats.yourapp.co.uk) rather than loading plausible.io/js/script.js directly. The proxy setup is documented and takes about ten minutes with a Next.js rewrite or a Cloudflare Worker. Skip it and you are still compliant under most readings, but you lose the "first-party only" belt-and-braces argument.

PostHog -- free up to 1M events, your product analytics layer

PostHog's free tier gives you 1 million events per month, which is more than almost any pre-product-market-fit SaaS will use. It covers funnels, session recordings, feature flags and A/B tests. EU cloud is available (Frankfurt) if you want to keep data in-region. For DUA compliance you want to turn off session recording for unidentified users, disable the default autocapture of email inputs, and pseudonymise user IDs.

The honest trade-off: PostHog's free tier is generous because they want you to grow into their paid tier. If you cross 1M events, the price jumps quickly. Keep your event taxonomy tight (10 to 15 event names maximum) and you will stay in the free tier for a long time.

Umami -- self-host for effectively GBP 0 to 5

If you already pay for a Vercel Pro plan or a Railway instance for your main app, Umami self-hosts onto the same stack for effectively nothing. The Docker image runs on a hobby-tier Postgres database; the dashboard is a single page; the tracker script is 2KB. It is cookieless by design and does not collect personal data, which makes the DUA exemption automatic.

The trade-off is time. Expect to spend 45 minutes setting it up and ten minutes a month maintaining it. For GBP 5 a month saved over Plausible, that is probably not a good use of your time unless you enjoy self-hosting for its own sake.

Vercel Analytics -- already in your bill

If your front-end is on Vercel Pro (GBP 16/mo), you already have Vercel Analytics. It is cookieless, it collects Core Web Vitals, it integrates with Next.js with a single import, and it is included in the Pro plan. Use it for page views and Web Vitals even if you run Plausible alongside -- they answer different questions. Vercel gives you "is my site fast", Plausible gives you "where are my visitors coming from".

GA4 -- the anti-recommendation

GA4 is free. It is also, by default, not DUA-exempt. The standard GA4 install drops third-party cookies, sends data to the US via Google's servers, and requires a consent banner under UK GDPR and the DUA Act unless you switch on consent mode v2 with advanced measurement modelling. Setting that up correctly is a half-day job, and even then your data is modelled (read: made up) for users who decline consent.

For UK indie hackers in 2026 the GA4 default install is the single biggest compliance footgun. Skip it. If a client or stakeholder insists, install it alongside Plausible and treat the GA4 numbers as directional only.

Three stacks by budget

Bootstrap stack: GBP 5/mo

• Umami self-hosted on your existing Vercel or Railway (GBP 0 to 5/mo hosting)
• PostHog free tier (GBP 0/mo)
• Vercel Analytics if you are on Pro already (included)

Total: GBP 0 to 5/mo. You get page views, funnels, feature flags, and Web Vitals. You do not get the peace of mind that comes from someone else running the dashboard. Fine at GBP 0 MRR; upgrade at GBP 500 MRR.

Lean stack: GBP 20/mo

• Plausible Growth (GBP 9/mo)
• PostHog free tier (GBP 0/mo)
• Vercel Pro including Analytics (GBP 16/mo, but you were going to pay this anyway)

Total: GBP 9/mo for analytics-specific spend. This is where most UK indie hackers should sit between GBP 500 and GBP 2K MRR. Plausible gives you boring, reliable top-of-funnel numbers. PostHog gives you product-level funnels and the ability to run a feature flag without writing your own. You stop worrying about the stack and start worrying about the product.

Growth stack: GBP 40/mo

• Plausible Business (GBP 19/mo, 100K page views)
• PostHog Starter (GBP 0 to 20/mo depending on events)
• Vercel Pro (included)

Total: GBP 19 to 40/mo. By the time you are paying this you should be past GBP 2K MRR and you should know exactly what each tool is giving you. If you cannot articulate that in one sentence per tool, cancel one of them.

The DUA Act 2025 in plain English

The Data (Use and Access) Act 2025 is the UK's post-Brexit amendment to the UK GDPR and PECR regime. The part indie hackers care about is Section 115, which created a "soft opt-in" and "low-risk cookie" exemption for first-party analytics that are:

1. First-party -- the tracking script runs on your domain, data stays within your control, no third-party cookies are dropped.
2. For site improvement only -- you use the data to understand and improve the service, not for advertising or sharing with third parties.
3. Anonymised or pseudonymised -- no direct identifiers (email, full IP address, device ID) are stored long-term.

Hit all three and you do not need a cookie banner for analytics. You still need a privacy policy entry, and you still need to declare the data processing, but the explicit consent pop-up is gone.

Plausible, Umami and Vercel Analytics hit all three by default. PostHog hits them if you turn off session recording for anonymous users and disable advertising-adjacent features. GA4 hits none of them in its default install.

The mistake I keep seeing in 2026 is builders reading "first-party" as "self-hosted". It is not. First-party means the data flow is under your control on your domain -- a subdomain proxy or a standard Plausible install with the script served from their EU servers both qualify as long as the cookie (if any) is set on your domain and the data is not shared.

Event naming and a simple funnel

Your events are your analytics. Get the naming convention right on day one and you will thank yourself at month six.

Use object_action in snake_case. Examples:

• signup_submitted
• email_verified
• first_document_saved (your activation event)
• checkout_started
• checkout_completed

Rules:

• One verb per event. Past tense always.
• No parameters in the event name -- use event properties for context.
• Never more than 20 distinct event names. If you need more, you are doing it wrong.

Once you have those five events, the signup funnel in PostHog is three clicks: add a new insight, pick "Funnel", drop in the events in order. Same in Plausible with its Goals feature, though you will only get the top-of-funnel step.

For activation, the funnel you care about is signup_submitted to first_document_saved within 24 hours. Anything under 40% is a product problem, not a marketing problem.

UK-specific gotchas

VAT on invoices. Plausible, PostHog and Vercel all charge 20% VAT to UK VAT-registered businesses above the VAT threshold (GBP 90K turnover as of 2026). That VAT is reclaimable, but it hits your cashflow monthly. Budget GBP 50/mo including VAT, not GBP 50/mo excluding it.

Sub-processors in your privacy policy. Every tool in your stack is a sub-processor under UK GDPR. List them. Plausible is Hetzner (Germany). PostHog EU is AWS (Frankfurt). Vercel is AWS and Google Cloud (multi-region). Umami self-hosted is whoever hosts your app. A three-line "our sub-processors" table in your privacy policy will save you a painful email later.

GA4 consent mode complexity. Even if you keep GA4, the consent mode v2 install requires a CMP (consent management platform), an updated tag template, and consent signals for ad_storage, analytics_storage, ad_user_data and ad_personalization. That is four consent categories to manage for a tool you probably do not need. Skip GA4 and skip the complexity.

Mixpanel and Amplitude are overkill. Both are excellent tools used by excellent companies. Both start at around GBP 20/user/mo for serious tiers and are built for product teams with 10+ people. If you are a solo UK indie hacker, PostHog's free tier is 80% of the functionality at 0% of the price.

ICO registration. If you process personal data as a business in the UK, you need to register with the ICO and pay the annual fee (GBP 40 to GBP 60 for a small business). Anonymised analytics alone would not trigger this, but if you store any user account data you already need to be registered. It is cheap, fast, and removes a compliance worry.

Ship plan: 30 minutes to live analytics

Enough theory. Here is the install path for the lean stack.

1. Minutes 0 to 5: Sign up for Plausible, add your domain, copy the script tag.
2. Minutes 5 to 10: Drop the Plausible script into your Next.js root layout or your <head>. If you are on Vercel, add the @vercel/analytics and @vercel/speed-insights packages at the same time.
3. Minutes 10 to 15: Sign up for PostHog EU cloud, install the JS SDK, drop the init call into your layout. Identify users on login with a pseudonymised ID, never the raw email.
4. Minutes 15 to 25: Add your five events (signup_submitted, email_verified, first_document_saved, checkout_started, checkout_completed). Use Claude Code, Cursor or Lovable to scaffold the calls; paste the event taxonomy above into the prompt and let the LLM wire them up. OpenCode, Bolt, Replit and Base44 all handle this equally well.
5. Minutes 25 to 30: Commit. Deploy. Open an incognito window. Walk through your signup flow. Watch the events land in PostHog's Live tab. If they do not land, your ad-blocker is the most likely culprit; try a second browser.

Done. You have a DUA-compliant, cookieless, under-GBP 50/mo analytics stack that will take you to GBP 5K MRR without a rebuild.