On this page you will find described the data that UXWizz uses and stores on user's PC and on your own server about your visitors that are being recorded using the tracker.js script.

Cookies (data stored on user's computer)

1. UXWizz does not store cookies on the user's PC .

2. UXWizz stores data in sessionStorage to identify the current browser session. This unique ID is destroyed once the user ends their session (closes the browser tab). This session ID can't be used to identify the same user user between two distinct visits.

3. UXWizz also uses localStorage to store user preferences (eg: disable tracking) and for performance improvements as a caching layer before sending data to the server. No data stored in localStorage is sent to the server or used for user tracking purposes.

Personal information

1. What data is stored on the UXWizz server?

The following data might be considered personal information and could be used to indirectly associate a person's identity to a specific recorded session:

1. For each user visit an unique ID is assigned that is only valid for the current browsing session.

2. Hash of IP + User Agent of the user. (the admin can also decide to save the plain, not hashed, IP).

3. Using the IP, geolocation data will be generated (Country and optional City).

4. Browser version and screen resolution.

5. Date of visit, visit duration, pages visited.

6. (Optional) Actions done by the user on that site, (unless otherwise disabled by the administrator), such as:

   1. Mouse movements, clicks and scroll activity

   2. Window resizing events

   3. Keyboard input on fields that have not been excluded from tracking

   4. (Optional) If the full tracking system is being used, the page content (except the ignored elements) can also be sent to the server.

7. (Optional) Tags which can be created by specific user actions defined by the webmaster (eg. clicked a button).

8. (Optional) Events which can be created by specific user actions defined by the webmaster (eg. clicked a button).

Note that point (6) above might lead to sensitive information being tracked about the user. It is the webmaster's responsibility to make sure that the tracker is not included on any pages where the user has to enter sensitive information, or at least to disable tracking the form inputs which ask for sensitive information if the user did not consent to this data being stored.

2. Why is this data stored?

The data mentioned above is stored in order to aid with improving the user experience by analyzing common user behavior, more precisely it is used to:

1. Playback recordings of the visit. (eg: so the webmaster can understand why the user did or did not perform a specific action.)

2. Generate aggregated heatmaps/scrollmaps, used to understand which parts of the website's UI draw the most attention.

3. Have an overview of the traffic reaching the website in order to improve the quality of this traffic and possible conversion rates.

Most stats and tools should ultimately be used for improving the user experience.

3. Opting out or in for tracking

Any visitor accessing a domain where UXWizz is installed can disable tracking by accessing any of the pages of that domain where the tracker is installed and add ust-opt-out query string like this:

www.example.com?ust-opt-out

Doing this will save a flag in localStorage so future visits will not be tracked in any way.

You can also re-enable tracking by using the query stringust-opt-in.

The UXWizz dashboard admin can also decide (using the tracking settings) to:

• respect or not the doNotTrack flag of the browser

• show or not a consent pop-up

4. Data removal

Q: How can the user ask for deletion of his data? A: As the user's token is destroyed from their machine after the session ends, by default, the only cross-session personally identifiable information is the IP+User Agent hash. The user can contact the webmaster and ask for his data to be removed based on the IP+UA mentioned if those have not changed. If those have changed (eg. dynamic IP or browser was updated), by default, there is no way to uniquely identify the user anymore.

Q: Can a specific individual be associated with a session? A: Unless there is other personal data stored (as mentioned in points 1.6, 1.7, 1.8), the recorded data can not be considered personal information as the actual person or device that generated the visit can not be associated with a specific session.

Q: How long is data stored for? A: By default, the number of sessions stored is limited (to 100.000, but the limit can be altered by the webmaster) and once this limit has been reached old sessions will be replaced by newer ones. Data can also easily be permanently deleted, individually or in bulk, by the webmaster. Unless deleted using the aforementioned methods the data is stored indefinitely.

Data stored of webmasters using the UXWizz dashboard

Being self-hosted, UXWizz does not send any dashboard usage data to external servers.

i.e. we don't save data about webmasters when they access your UXWizz dashboard.

There are cookies saved on the webmaster's own PC when they log into the UXWizz dashboard in order to maintain the login session.