tracio.aidocs

Getting Started

  • Overview
  • Quick Start
  • How It Works

SDK & API

  • Device Identification JS Agent
  • Trace API Reference
  • Trace Webhooks

Features

  • Device Identification Engine
  • Bot Detection
  • Trace Signals
  • IP Intelligence

Advanced

  • Cloud Deployment
  • Privacy & GDPR
  • Migration from FPJS

Reference

  • Changelog
  • Troubleshooting
  • Error Handling
  • Testing

Privacy & GDPR

Non-PII signal collection, one-way hashing, data processor DPA, and GDPR Article 6(1)(f) guidance

Data Collection

tracio.ai collects browser configuration and hardware signals only. No PII (names, emails, passwords) is ever collected. No browsing history or user content is accessed.

What is collected

  • Browser configuration (User-Agent, language, timezone, screen resolution)
  • Hardware characteristics (canvas fingerprint, WebGL parameters, audio processing)
  • Feature support (CSS, JavaScript APIs, fonts)
  • IP address (for geolocation and VPN detection)

What is NOT collected

  • Names, email addresses, or any personal identifiers
  • Passwords or authentication credentials
  • Browsing history or page content
  • Keystrokes or form input
  • Cookies from other sites

GDPR Compliance

For fraud prevention and security use cases, legitimate interest (Article 6(1)(f)) is the appropriate legal basis. For analytics use cases, user consent may be required.

Legal Basis by Use Case

Use CaseLegal BasisConsent Required?
Fraud preventionLegitimate interest (Art. 6(1)(f))No
Account securityLegitimate interest (Art. 6(1)(f))No
Bot detectionLegitimate interest (Art. 6(1)(f))No
AnalyticsConsent (Art. 6(1)(a))Yes
MarketingConsent (Art. 6(1)(a))Yes

Cloud Data Security

With our cloud platform, all visitor data stays on your infrastructure. No cross-border data transfers, no third-party data sharing.

Data Retention

You control data retention policies in our cloud. Default retention is 90 days. Configure via environment variable:

TRACIO_DATA_RETENTION_DAYS=90