Ciphera Help
Pulse

Privacy & Data Collection

What Pulse collects, what it never touches, and the per-site controls available to you.

Pulse is designed to be compliant with privacy regulations by default. The tracking script collects only what is necessary to produce aggregate analytics and stores nothing that can identify an individual.

What Pulse never does

  • Sets cookies or uses localStorage to track visitors
  • Fingerprints browsers using canvas, WebGL, fonts, or similar techniques
  • Stores raw IP addresses
  • Collects names, emails, or any personal data
  • Tracks visitors across different websites

How visitor identity works

Pulse needs to distinguish unique visitors without cookies. It does this server-side using a daily-rotating HMAC hash:

hash = HMAC-SHA256(domain + IP address + User-Agent)

The salt rotates every day. The same visitor on the same day produces the same hash, so Pulse can deduplicate pageviews into unique visitors. The following day, the same visitor produces a completely different hash. The hash cannot be reversed to recover an IP address.

Raw IP addresses are discarded immediately after the hash is computed and are never written to disk.

Per-site privacy controls

Go to Settings → Privacy to configure what your site collects.

Data toggles

Each dimension can be turned off independently:

  • Page paths — the URL path of each pageview
  • Referrers — the referring domain
  • Device info — browser, OS, and device type
  • Screen resolution — viewport dimensions
  • Audience data — country, city, language, and timezone

Geographic granularity

Choose how precisely Pulse records location:

SettingWhat gets stored
FullCountry, region, and city
Country onlyCountry only
DisabledNo geographic data

Data retention

How long Pulse keeps individual event records. Options range from 1 month to 3 years, depending on your plan. Aggregated daily statistics (totals, not individual events) are kept permanently regardless of this setting.

Dynamic path grouping

When enabled, Pulse automatically collapses URL segments that look like identifiers — UUIDs, numeric IDs, hashes — into a placeholder. For example, /orders/a1b2c3d4 becomes /orders/:id. This prevents high-cardinality paths from fragmenting your top pages report.

Query parameter allowlist

By default, Pulse strips all query parameters from page paths before recording them. Add parameter names to the allowlist to preserve specific ones — for example, lang or tab. Parameters not on the list are removed.

Browser privacy signals

Pulse respects:

  • Do Not Track (navigator.doNotTrack === "1") — no event is sent
  • Global Privacy Control (navigator.globalPrivacyControl === true) — no event is sent
  • WebDriver — automation is detected and excluded

Privacy policy snippet

Settings → Privacy includes a pre-written snippet you can paste into your site's privacy policy. It describes Pulse's data collection in plain language and is kept up to date as the product changes.

If you are subject to GDPR, you do not need a cookie consent banner for Pulse. No cookies are set, and no personal data is processed. Review the generated privacy snippet with your legal team to confirm it covers your specific obligations.

Bot & Spam Filtering

How Pulse's Cerberus engine detects and removes bot traffic from your analytics, and how to review and override decisions.

Team Management

Invite team members, assign roles, and manage access to your Pulse organisation.

On this page

What Pulse never doesHow visitor identity worksPer-site privacy controlsData togglesGeographic granularityData retentionDynamic path groupingQuery parameter allowlistBrowser privacy signalsPrivacy policy snippet