Privacy Policy

Last updated: June 2026

1. Scope

This policy describes how DigitalFingerprint ("we", "us") processes information when you visit our marketing site, use the live demo, or integrate DigitalFingerprint on your own properties. If you deploy DigitalFingerprint on your website, you are the data controller for your end users; this policy covers our hosted demo and marketing operations unless a separate Data Processing Agreement (DPA) applies to your production deployment.

2. Information we collect

When DigitalFingerprint runs in a browser, the SDK may collect:

  • Device & browser signals — user agent, screen resolution, color depth, timezone, language, platform, hardware concurrency, device memory, touch support, and storage availability (cookies, localStorage, IndexedDB).
  • Rendering fingerprints — canvas, WebGL, audio, fonts, math, emoji, DOM rect, CSS support, and related hashes used for visitor matching.
  • Integrity signals — incognito/private browsing indicators, bot/automation heuristics, tampering scores, developer tools, privacy settings, and anti-detect browser flags (computed client-side; fraud verdicts are server-side).
  • Network context — IP address, derived geolocation (city/region/country), ASN, ISP, and datacenter classification when IP intelligence is enabled.
  • Page context — page URL hash (always stored); full URL only when explicitly enabled server-side (ORIGINID_STORE_FULL_URL).
  • Identifiers you provide — optional linkedId and tags metadata, registration email when using account-link APIs, and first-party clientToken for returning-visitor recognition.
  • Account data — if you create a hosted workspace, we collect email, organization name, billing details via Stripe, and console activity logs separate from visitor identify payloads.

3. How we use information

  • Generate and persist a stable visitor identifier (originId).
  • Detect returning visitors and compute match confidence.
  • Compute fraud-oriented smart signals and suspect scores on our servers — production browser responses are slim by default and do not include these fields.
  • Provide demo, dashboard analytics, exports, and webhook delivery to registered customers.
  • Enforce rate limits, API key auth, usage quotas, and abuse prevention.

4. Live demo data minimization

The public demo on our marketing site uses a server-side identify proxy — API keys and signing secrets are never exposed in the browser bundle. Demo visitor profiles are minimized by default when DEMO_FULL_SIGNALS=false (the production default):

  • Raw IP addresses are omitted from demo profiles; only country-level geolocation is shown.
  • Detailed risk breakdowns and extended signal history are not returned.
  • Visit history is capped to the five most recent events.

Do not submit sensitive personal information in the demo. Evaluation traffic is subject to dedicated rate limits separate from production API keys.

5. Production trust model

On production API keys, the browser receives only a slim payload (originId, eventId, optional clientToken, timestamp). Smart signals, suspect scores, and raw signal blobs are retrieved server-side via the Events API or signed webhooks. Do not make fraud decisions from data exposed to end-user browsers.

6. Cookies & local storage

DigitalFingerprint uses first-party cookies and/or local storage to persist a visitor token where permitted (not in all private browsing modes). Our marketing site may use session cookies for authentication on the dashboard subdomain. You can clear site data at any time in your browser.

7. Retention

  • Visit records: default purge after 12 months (VISIT_RETENTION_MONTHS).
  • Raw signal blobs: default 30 days when persistence is enabled (RAW_SIGNAL_RETENTION_DAYS).
  • Inactive visitor profiles may be anonymized before full deletion.
  • Hosted workspaces use DigitalFingerprint-managed retention and scheduled purge jobs.

8. Subprocessors & third parties

  • MaxMind GeoLite2 — IP geolocation and ASN when MMDB databases are configured (see the GeoLite2 license).
  • IPinfo / ip-api / geoip-lite — fallback or supplemental geo providers depending on deployment configuration.
  • Stripe — payment processing for hosted plans (customer billing data only).
  • Postmark / SMTP — transactional email (verification, password reset, notification preferences).
  • Cloud infrastructure — hosting providers (e.g. AWS, Vercel) where you or we deploy the stack.

This product includes GeoLite2 data created by MaxMind, available from maxmind.com.

9. Security

API keys authenticate identify and Events traffic. Production deployments should require request signing (HMAC), enforce HTTPS, and restrict raw signal access. Webhook endpoints verify X-OriginID-Signature on delivery. Fraud fields are server-authoritative — production browser responses are slim by default. See integration docs and the repository production security checklist.

10. Your rights

Depending on your jurisdiction, you may have rights to access, correct, delete, or restrict processing of personal data. US residents may contact the site operator to request access or deletion. The public demo is for evaluation — do not submit sensitive personal information. Enterprise customers may execute a DPA covering end-user data processed on their behalf.

11. Children

DigitalFingerprint is not directed at children under 13. We do not knowingly collect data from children.

12. Changes

We may update this policy as the product evolves. Material changes will be reflected in the "Last updated" date above.

13. Contact

Privacy questions: reach us on our contact page or your account support channel for hosted workspaces.