Cronitor RUM helps website owners measure and understand the performance of their websites. It does so by automatically depersonalizing session data and presenting it in aggregated form. We collect only the data that is necessary, and we do not sell data under any circumstances.
In this document, we’ll explain how Cronitor RUM handles the personal data of your end users, where the data is stored, and how you have control over it - all in simple terms.
Cronitor RUM automatically depersonalizes personal data we detect when collecting it from your website. That means any information we find that can identify a specific individual, such as an IP address, name, email address, or phone number, is automatically removed or replaced with generic information.
For customers with specific data processing and storage requirements, we offer a relay server which you can deploy in a data center under your control. The relay becomes the first point of contact for your visitors' data and strips out IP addresses before that data reaches our servers, so the only system that ever sees a raw visitor IP is one you operate.
We have a strict policy of never selling personal data to third parties, under any circumstances. Our business is funded by charging for the product, not by hoarding personal data for resale or advertising. That aligns our business model with user privacy: we have no incentive to collect more data than necessary.
You're in complete control of your site data. You can access it at any time, configure inbound filters to block specific countries or paths, restrict data collection to specific networks, and delete all of it if you no longer wish to use the service.
Our analytics script is open source and collects the information listed below:
We do not store IP addresses as part of the visitor session data, and do not make use of tracking cookies.
One important point, however: every HTTP request arrives from an IP address. The address is carried in the packet headers of the underlying connection (and, behind a reverse proxy or CDN, is usually forwarded in a header such as X-Forwarded-For). This is how the internet works and is not particular to us.
Just like any other service that takes security seriously, we use IP addresses to prevent abuse through rate limiting and to power security features that protect our customers' data, including temporary access logs and verification of active logged-in sessions. IP addresses are also used to derive anonymized data such as the visitor's country, and as an input to our anonymous session tracking mechanism.
To be clear, we do not store raw IP addresses for any purpose other than security and abuse prevention, and we keep them no longer than necessary. They are typically deleted within minutes; the exception is our audit logs, which are deleted automatically after 14 days. We do not sell personal data to any third party.
We developed a two-layer session tracking mechanism that automatically forgets about individual visitor devices, while still giving website owners useful data.
It differs from a plain browser fingerprint because the resulting session IDs have no personal data encoded in them. They are random 128-bit UUIDs, not linked to any cookie, and they are neither browser fingerprints nor hashes of user data.
This is possible in part because the algorithm automatically destroys any link between the visitor who generated the data and the session IDs.
We created this method because it gives everyone complete peace of mind. Even in the worst case, if we leaked the session data, no IP address, User-Agent, or other sensitive data could be brute-forced out of the session IDs, because nothing personal is encoded or hashed into them.
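The following is an added example, not Cronitor's code and not the algorithm the page refers to: it shows one way to build a two-layer session tracker with the properties described above (random session IDs, an in-memory visitor link that is forgotten automatically, and IP addresses that are used only transiently and never written to storage). The concrete choices, a keyed hash of IP and User-Agent as the ephemeral lookup key, a 30-minute idle TTL and daily secret rotation, are assumptions made for illustration.

```python
"""
Added example (not Cronitor's code): a two-layer anonymous session tracker.

Layer 1 lives only in memory: a keyed hash of (IP, User-Agent) under a secret
that is never persisted and is rotated periodically, mapping to the visitor's
current session. Entries expire after an idle TTL.

Layer 2 is what gets stored with the analytics data: a random UUID generated
independently of the visitor, so stored IDs carry nothing that can be
reversed or brute-forced back to an IP or User-Agent.

TTL, rotation period and the HMAC construction are assumptions for illustration.
"""
import hashlib
import hmac
import secrets
import time
import uuid

SESSION_TTL = 30 * 60        # idle seconds before the visitor->session link is forgotten (assumed)
KEY_ROTATION = 24 * 60 * 60  # seconds between rotations of the layer-1 secret (assumed)


class AnonymousSessionTracker:
    def __init__(self, ttl=SESSION_TTL, rotation=KEY_ROTATION, clock=time.time):
        self._ttl = ttl
        self._rotation = rotation
        self._clock = clock                 # injectable so the TTL can be exercised in tests
        self._key = secrets.token_bytes(32)
        self._key_created = clock()
        self._links = {}                    # visitor_key -> (session_id, last_seen)

    def _visitor_key(self, ip, user_agent):
        # HMAC under a secret that is never persisted; the NUL separator
        # prevents ambiguity about where the IP ends and the User-Agent begins.
        msg = f"{ip}\x00{user_agent}".encode("utf-8")
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def _housekeeping(self, now):
        if now - self._key_created >= self._rotation:
            # New secret: old visitor keys can no longer be recomputed, so
            # every existing link is dropped along with it.
            self._key = secrets.token_bytes(32)
            self._key_created = now
            self._links.clear()
        expired = [k for k, (_, seen) in self._links.items() if now - seen > self._ttl]
        for k in expired:
            del self._links[k]

    def session_id_for(self, ip, user_agent):
        """Return the visitor's current session ID, minting a new random one
        if no live link exists. IP and User-Agent are used only to compute
        the in-memory lookup key; neither is stored anywhere."""
        now = self._clock()
        self._housekeeping(now)
        key = self._visitor_key(ip, user_agent)
        entry = self._links.get(key)
        session_id = entry[0] if entry else str(uuid.uuid4())
        self._links[key] = (session_id, now)
        return session_id

    def active_links(self):
        """Number of visitor->session links currently held in memory."""
        return len(self._links)


def record_pageview(tracker, ip, user_agent, path, store):
    """Persist only what the analytics needs: the session ID and the path."""
    session_id = tracker.session_id_for(ip, user_agent)
    store.append({"session": session_id, "path": path})
    return session_id


if __name__ == "__main__":
    # Constructed sample traffic with a fake clock so the TTL can be exercised.
    now = [1_700_000_000.0]
    tracker = AnonymousSessionTracker(ttl=60, clock=lambda: now[0])
    store = []
    first = record_pageview(tracker, "203.0.113.7", "Mozilla/5.0 (X11)", "/pricing", store)
    again = record_pageview(tracker, "203.0.113.7", "Mozilla/5.0 (X11)", "/docs", store)
    now[0] += 61  # idle longer than the TTL: the link is forgotten
    later = record_pageview(tracker, "203.0.113.7", "Mozilla/5.0 (X11)", "/", store)
    print("same session while active:", first == again)  # True
    print("new session after expiry:", later != first)   # True
    print("stored records:", store)                       # session IDs and paths only, no IP or UA
```

Because the stored session ID is drawn from `uuid.uuid4()` rather than derived from the visitor, a leaked `store` gives an attacker nothing to brute-force: there is no hash to invert and no secret whose recovery would help. The only place the IP ever appears is the in-memory lookup key, and both the idle TTL and the secret rotation guarantee that link disappears on its own.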
For transparency, below you’ll find a simplified view of our session tracking algorithm: