aggressive data collection :PP
@@ -86,27 +86,31 @@ table automatically.
|
||||
|
||||
## Viewer analytics
|
||||
|
||||
The site shows a GDPR-style consent banner before analytics start. If a visitor
|
||||
The site shows a centered cookie notice before analytics start. The first screen
|
||||
offers `Allow all` or `Configure`; detailed settings only appear after
|
||||
`Configure`. A necessary cookie remembers the visitor's choice. If a visitor
|
||||
allows analytics, the browser sends page-view and heartbeat events to
|
||||
`POST /api/viewers/event`. The public `/viewers` page reads `GET /api/viewers`
|
||||
and shows active pages, client/browser information, 24-hour page totals, and
|
||||
top pages.
|
||||
`POST /api/viewers/event`. Visitors can choose whether to include browser/device,
|
||||
screen, language/timezone, and referrer details. The public `/viewers` page reads
|
||||
`GET /api/viewers` and shows active pages, 24-hour page totals, top pages, and
|
||||
any consented client details.
|
||||
|
||||
Viewer analytics are stored in SQLite under the same `UPTIME_STORAGE_DIR` by
|
||||
default. Raw IP addresses are not stored in the public response; the server
|
||||
stores a salted IP hash for deduplication and abuse review. Set a unique salt in
|
||||
production:
|
||||
default. Raw IP addresses and IP hashes are not stored in viewer analytics.
|
||||
Withdrawing consent removes the local visitor ID and calls
|
||||
`POST /api/viewers/delete` to delete matching visitor/session analytics records.
|
||||
The `/privacy` page lists the controller, contact route, purposes, retention,
|
||||
rights, and complaint routes.
|
||||
|
||||
```sh
|
||||
ANALYTICS_DATABASE_FILE=viewers.sqlite
|
||||
ANALYTICS_RETENTION_DAYS=30
|
||||
ANALYTICS_ACTIVE_WINDOW_SECONDS=75
|
||||
ANALYTICS_SALT=replace-with-a-random-secret
|
||||
```
|
||||
|
||||
This is an implementation aid, not legal advice. For production GDPR compliance,
|
||||
publish a privacy notice that matches the configured retention period and data
|
||||
fields, and make sure the configured salt is secret.
|
||||
keep the `/privacy` page aligned with the configured retention period, hosting
|
||||
setup, and actual data fields.
|
||||
|
||||
## GitHub webhook
|
||||
|
||||
|
||||
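Review bot: The `POST /api/viewers/delete` sentence in the consent-withdrawal paragraph does not say what authorises a deletion. With raw IP addresses and IP hashes no longer stored, the local visitor ID appears to be the only matching key, so the docs should state that it is a random, unguessable value and that the endpoint deletes only records matching the ID the caller presents. The same paragraph drops the line that named the salted IP hash as the deduplication and abuse-review mechanism without saying what now limits abuse of the browser-facing `POST /api/viewers/event`; add a sentence on rate limiting or input validation there. Because `/viewers` is public and shows "any consented client details", also document whether referrer values are reduced to an origin before display, since full referrer URLs can carry query strings. Finally, the first screen is described as offering only `Allow all` or `Configure`; consider listing a reject option at the same level.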