just do a basic check on the based.win shop, whole page is funneled via cdn (bunny cdn), they have analytics, so not true they are not tracking, there is also woocommerce wordpress plugin, makes me wonder, the page is running on wordpress? the path is /wp-plugins/woocommerce, meaning there is wordpress core, so where is the cookie banner? maybe its forked wp core, idk. but the whole punch with no tracking is questionable.
hosting, you can host it at home server, its more difficult but you can still do it, if someone will ddos you you will have a fun time.
you can still host on privacy friendly VPS, or just other hosting service, just read contract. Hosters usually dont scale customers data, for sure they will have ip addresses, but that will be also visible to your IPS when hosting from home server.
as a shop platform, clean php core and for front end some js. Like were 10y ago, lol. everything served as 1st party, no loading out from page, no google fonts, no third party scripts and bullshits, plugins.
own cache, own ssl, own seo, no cloudflare, no cdn, and it could go on for a while.
it a shop, business needs to have stats, so if you sit on bunch of money no problem, but if you like to have ypur biz up and survive, then you need to know where the customers cliking, where they come from and what is hot for them.
good luck,
no device yet, it was written in the way > if we will continue in this kind of thinking/tolerating/doing things we will end up with identifiers implemented in kernels, so far there is no such a thing, the worst so far can be an idea to have anticheat on bios level, cause of stupid COD players, i hopr u get the idea
here is no such a stuff,
i wanna advice here one thing, world is big and each of the states got laws which applies to the trade and also to the ecommerce, so you need to have some data on the hand when eventually law enforcement will ask for it, or you would need to proof something to someone, even to customer. You have to know what are you aligible to do, collect and how you are working with data, this goes same for restrictions and mandatories for you,… laws like GDPR in EU.
its web development, people are studing this for years, backend frontends, idk if you have any skill and exp but there is a,lot of free stuff on the net about web dev.
long story short, if you will develop, read and understand code, you will know what is about, meaning you can restrict as much you like, therefore protect customer.
the system is flawed to the root, if you would run some illegal stuff and even make it so that the web will not track, there are many other way how to get the data from you, servers logs, db logs, audit logs, ip logs, ips logs. Out from your hand stuff like local device setups, browser setups …
we have to try anyways.