Tracking + privacy
The Skryx pixel is privacy-first by default: a fresh visitor can be
tracked at all only with sessionStorage (cleared on browser close),
and never with persistent identifiers unless they opted in via your
cookie banner.
This is a deliberate design choice — most analytics tools default to "track everything, opt out via cookie banner". We invert: default to session-only, opt in for persistence.
# What's tracked without consent
| Always | Only with consent |
|---|---|
session_id (sessionStorage, lifetime = browser session) |
anonymous_id (localStorage, persists across sessions) |
event_name and event-specific properties |
Cross-session linking |
| Page URL, referrer, user-agent | User-level cohort / funnel analysis |
| IP-derived country (server-side, not stored) | Identified-user tracking via skryx.identify(…) |
No PII fields are ever stored without explicit tenant action. No IPs, no full user-agents in the raw event row (truncated to 240 chars in the server-side context for fraud detection), no emails, no names.
# How the pixel reads consent
On init, the pixel reads localStorage.skryx_cookie_consent and looks
for:
{ "analytics": true }
If your cookie banner stores this key with analytics: true:
anonymous_idis persisted in localStorage.- Cross-session events from the same browser are linkable.
If the key is missing or analytics: false:
anonymous_idis null on every event.session_idlives only in sessionStorage.- When the user closes the browser, all tracking signal is lost (by design).
# Integrating with a custom consent banner
If you have your own banner, just write the canonical key:
// When the user clicks "Accept analytics"
localStorage.setItem('skryx_cookie_consent', JSON.stringify({
analytics: true,
marketing: false, // ignored by Skryx; safe to include for your own UI
timestamp: Date.now()
}));
// Tell the pixel to upgrade to persistent tracking right now
window.skryx?.consent(true);
If the visitor revokes later:
localStorage.setItem('skryx_cookie_consent', JSON.stringify({ analytics: false }));
window.skryx?.consent(false); // wipes anonymous_id immediately
skryx.consent(false) removes _skryx_anon from localStorage on the
spot. The current session continues without persistence; the next
session starts clean.
# GDPR posture
Skryx tracking is built to be GDPR-compatible when integrated correctly:
- Lawful basis: legitimate interest for session-only, consent for persistent. You decide which by configuring your banner.
- Data minimisation: every column in
eventsis opt-in for the tenant; nothing PII-shaped is collected by default. - Retention: see the Storage section below — events have a configurable per-tenant retention window (default 90 days, target for Phase 2).
- Right to erasure: deletion by
anonymous_idoruser_id— exposed via the Privacy page in/settings. Phase 2 will add a direct API endpoint. - Sub-processors: events live on the same EU infrastructure documented in the main Imprint page. No third-party trackers loaded by the pixel.
# Data residency
All event data is stored in EU data centres. No cross-border transfer. Same residency commitment as the rest of the Skryx platform.
# What "session-only" means in practice
Without consent:
session_idis a randomsess_…token stored insessionStorage.- Tabs sharing the same browser session share the same
session_id. - Closing the browser (or the last Skryx-using tab) drops the storage
→ next page load gets a fresh
sess_…. - The server-side
eventsrow carries the session_id but no link to anything persistent. - You can still see
search.performed,page.viewed,result.clickedwithin a session — just not across sessions.
This is enough signal to power:
- Real-time live feed
- Per-session search-result-rerank (Phase 2)
- Anonymous funnel analysis ("of X searches, Y converted in the same session")
It is NOT enough for:
- Cohort analysis (need persistent id)
- Multi-day retargeting
- Cross-device deduplication of the same user
Those features require consent.