First-party only architecture
How elNudge collects data under your domain with no cross-site tracking, no third-party cookies, and no fingerprinting.
elNudge is designed from the ground up as a first-party data tool. That means every piece of data collected from a visitor on your store belongs to you, is collected under your domain, and is never shared with or linked to another merchant's store.
Data is collected under your domain
The elNudge SDK is a script that runs directly in your page — not inside a third-party iframe loaded from another origin. When the SDK sends behavioral events, they originate from your domain in the visitor's browser.
This means:
- The browser treats elNudge data as first-party to your site.
- No cross-origin restrictions apply to the SDK's event collection.
- Ad blockers targeting third-party trackers are less likely to interfere with the SDK.
No third-party cookies
elNudge does not set or read third-party cookies. In fact, elNudge does not use cookies at all for session tracking.
Session continuity is maintained using the browser's sessionStorage API. sessionStorage is:
- Scoped to a single tab — not shared across tabs.
- Cleared when the tab is closed — not persisted across browser sessions.
- Not a cookie — it is not sent in HTTP request headers and is not accessible from other origins.
This means elNudge has no persistent identifier for a visitor across visits. Each new browser session starts fresh.
No cross-site visitor tracking
A visitor on Store A is never linked to the same visitor on Store B, even if both stores use elNudge.
There is no shared visitor graph, no probabilistic matching across merchants, and no aggregation of cross-merchant behavioral data. Each site's data is completely isolated.
No fingerprinting
elNudge does not use browser fingerprinting techniques — it does not collect canvas fingerprints, font lists, WebGL renderer strings, or any combination of signals designed to create a persistent visitor identity across sessions.
The session metadata collected (browser name, OS, screen size, language, timezone) is used only for intent scoring within the current session — not for re-identification across sessions or across sites.
Data controller and data processor
| Role | Party | Responsibility |
|---|---|---|
| Data controller | You (the merchant) | Determines the purpose for which visitor data is collected |
| Data processor | elNudge | Processes data on your behalf, under your instructions |
As the data controller, you own the visitor data collected on your site. You can:
- Delete a visitor's data at any time via the API (
DELETE /v1/visitors/:visitor_id). - Delete all data for your site by closing your account.
- Request a full data export via Dashboard → Settings → Data → Export.
elNudge processes data only as necessary to provide the intent scoring, nudge delivery, and analytics features you have configured. Data is never used for elNudge's own advertising or sold to third parties.
Summary
| Property | elNudge |
|---|---|
| Third-party cookies | No |
| Cross-site tracking | No |
| Fingerprinting | No |
| Data stored under merchant domain | Yes |
| Merchant owns the data | Yes |
| Data sold to third parties | No |
For full details on what is collected, see What Data elNudge Collects. For GDPR and CCPA compliance information, see GDPR & CCPA.