What we track
Satsu is built to answer "how is my site doing?" without answering "who is this person?". This page is the exact list of what's collected, what's derived, and what we refuse to touch. It doubles as the source for our privacy documentation.
Collected by the tracker (client-side)
The tracker ships only raw signals; all intelligence lives server-side. It sends:
- Pageviews — the path, the referrer, and your screen width. The query string is stripped before storage; UTM parameters are extracted server-side.
- Custom events — the name and flat props you pass to
window.satsu(). Props must never contain personal data. - Presence heartbeats — a lightweight "still here" ping while the tab is visible. Used only for the live count. Never stored, never billed.
- UTM parameters —
utm_source,utm_medium,utm_campaign, parsed from the URL server-side. - Ad click-id presence — the name of a click-id parameter (e.g.
gclid,fbclid) if present. The value is never stored — only that one was there. - SPA route changes — automatic pageviews on client-side navigation.
- Outbound link clicks — the destination URL, with query and hash stripped.
- File downloads — clicks on common file types or
downloadlinks. - Scroll depth — how far down a page a visit reached (25 / 50 / 75 / 100 %), once per pageview.
Derived server-side
From those raw signals, Satsu derives — at processing or query time, never stored as an identity:
- Country — from IP, at country level only. The IP itself is not stored.
- Browser, OS and device class — from the user-agent string.
- Bot filtering — obvious bots are dropped.
- Session metrics — bounce rate, visit duration, pages per visit — computed from the daily-rotating fingerprint.
- Channel — Direct, Organic Search, Social, Referral, Paid, Email or AI — classified at query time, not stored.
- Goal conversions — matched at query time against your goals.
The session key that ties a visit together is a daily-rotating fingerprint, not a cookie or stored ID. See How it's private for exactly how it works.
Deliberately not tracked
The following are refused by design — not a roadmap gap, a decision:
- Session recordings, mouse movement, or individual heatmaps.
- Persistent identifiers of any kind — no cookies, no localStorage IDs, no cross-day fingerprints.
- Personal data in custom event props — actively rejected.
- Reverse-IP company lookup ("which company visited").
- Anything that would require a consent banner.
By design: what Satsu can't tell you
Because the fingerprint rotates every day, Satsu cannot track a returning visitor across days, build a retention cohort, or follow one person's journey over time. That limit is the point — it's what makes the "no consent needed" promise true. Geography is country-level only, for the same reason.
Next: How it's private →