Data Collection & Storage
Learn about NodeFn's privacy-first approach to web analytics and how we handle your data.
Privacy at a Glance
Privacy by Default
We don't collect personal information about your visitors.
No Cookies
Works without cookies; consent banner typically not required.
Anonymous Analytics
Short-lived session IDs that don't identify individuals.
Optional Heatmaps
Pointer coordinates only. Can be disabled anytime.
AI Content Analysis
Server-side only, public pages only, never behind login.
You Own Your Data
Stored on AWS USA. EU residency coming soon.
Our Privacy Promise
We don't sell data or use it for cross-site advertising. Your analytics data is yours alone.
What We Collect
Traffic & Attribution
Page URL/path, title, referrer, UTM parameters (e.g., utm_source, utm_campaign), timestamps
Events & Navigation
Page views and transitions between pages
Device & Browser Basics
Screen size, language, timezone, device type, browser/OS
Session Grouping
Short-lived, random session ID to count multiple page views from the same visit together
Coarse Location
City/region/country (e.g., "San Francisco, California, USA") - no street addresses or precise locations
What We Never Collect
- ✗ Names, emails, or passwords
- ✗ Payment details or financial information
- ✗ Form field values or keystrokes
- ✗ File contents or uploads
- ✗ Microphone or camera data
- ✗ Full session replays
Heatmaps
How Heatmaps Work
- •Records x/y pointer coordinates for clicks and hovers at a modest sampling rate
- •No DOM capture - we don't collect element text, input values, or page HTML structure
- •Coordinates only associated with short-lived, random session IDs
Disable Heatmaps Anytime
You have full control over heatmap collection. To disable:
data-enable-heatmap="false"AI Visual Analysis
Server-Side Analysis Only (Not performed by the tracker)
Our AI periodically captures screenshots of publicly accessible pages to:
- • Surface UX issues (eg: broken CTAs, 404 errors)
- • Identify content optimization opportunities
- • Generate actionable recommendations
Important: Screenshots are never captured in visitors' browsers and never on authenticated, gated, or private pages. We don't request credentials or bypass access controls.
Your Control & Rights
Configure Collection
- • Disable heatmaps via configuration
- • Exclude specific pages from tracking
- • Custom retention periods (coming soon)
Data Rights
- • Request data deletion anytime
- • Full ownership of your data
- • Transparent data practices
Privacy Compliance
GDPR Friendly
No personal data collection by default. Data deletion available on request.
CCPA Friendly
We don't sell personal information. Transparent data practices.
Note: While our cookieless approach typically doesn't require a consent banner, regulations vary by jurisdiction. Always consult with legal counsel for your specific situation.
Data Storage & Security
Storage Location
United States on AWS infrastructure. EU data residency planned.
Encryption
TLS in transit (secure connections), industry-standard encryption at rest
Access Controls
Site and user scoped data, least-privilege access, MFA-protected (multi-factor authentication) admin access, all actions logged
Data Retention
Up to 13 months for year-over-year analysis. Configurable retention coming soon.
Deletion
On request, we remove account data and derived insights (subject to legal obligations)
Frequently Asked Questions
Do I need a cookie banner if I use NodeFn?
Typically no, since we don't use cookies or collect personal data. However, regulations vary by jurisdiction, so we recommend consulting with legal counsel.
Can I use NodeFn for HIPAA-compliant websites?
Please contact our privacy team at [email protected] to discuss your specific compliance requirements.
How do I delete my data?
Email [email protected] with your account details, and we'll process your deletion request promptly.
Questions or Concerns?
We're committed to transparency about our data practices.
Last updated: September 17, 2025