Privacy and data
Analyse is cookieless by default and collects no personal data unless you explicitly identify a user. Here is exactly what is stored, where, and for how long.
Cookieless by design
The SDK sets no cookies, first party or otherwise, and loads no third party pixels. Instead it keeps a random device id (analyse_anon_id) in localStorage, plus a session id with a 30 minute inactivity timeout. In private browsing, where storage may be unavailable, tracking degrades gracefully.
What an event contains
For each event Analyse receives the page URL and referrer, the anonymous visitor and session ids, browser, operating system, device type, screen size, and any UTM parameters. That is it. No fingerprinting, no IP based profiles.
Personal data enters the system only when you call identify() with a user id and traits. That call is opt in and under your control, so you decide what your privacy policy needs to cover.
Visitor choice signals
The WordPress plugin honors Do Not Track and Global Privacy Control headers when you enable those options, and can skip logged in users entirely. On custom installs you can make the same decision yourself before calling init.
Retention
Raw events are kept for your plan's retention window, 6 months on Starter, 12 on Pro, 24 on Autopilot, and custom on Agency. Identified user profiles remain until you delete them.
Clearing data on a device
reset() clears the anonymous id, the identity link, and the session from the browser. The next event from that device starts a fresh anonymous history.
Cookieless tracking usually means no consent banner is needed for the anonymous analytics itself, but regulations differ by region and by what else your site does. Check with your own counsel, this page is a description of the mechanics, not legal advice.