User Guides Developer Guides API Reference Changelog

developer

Privacy & Data Handling

The Hood Web SDK is built with privacy by design.

This page explains what data the SDK stores, how it behaves with or without consent, and what developers need to configure in their Consent Management Provider (CMP).

Our goal is to keep integration simple while remaining fully compliant with GDPR and other privacy standards — without unnecessary legal complexity.

Overview

No Cookies
Hood SDK doesn’t use cookies.

All data is stored directly in the browser using:

  • sessionStorage – temporary data automatically removed at the end of a browser session
  • localStorage – persistent data such as consent preferences and technical keys that last between sessions

All SDK data is kept under a single storage key called _OPC.
This key contains a JSON object with all values used by the SDK.

Example structure:

{
  "_OPC": {
    "session_uid": "b4f2c1e2-91d3-4a7a-a2c1-f8a3c2d7c5",
    "userConsent": { "analytics": true }
  }
}
Potential Key Conflict
If your application also uses the _OPC key in browser storage, rename it to avoid conflicts with the SDK.

Storage Overview

GDPR — legal basis at a glance
  • Technical storage (session ID, A/B variants, dismissals) is necessary for service operation and does not require consent.
  • Processing that links data to a person (profile association via identify, campaign attribution) runs only with explicit consent per purpose keys: analytics, marketing, push.
  • This page is developer guidance, not legal advice.
Storage TypeUsed ForLifetime
sessionStorageTemporary session trackingUntil the tab/browser is closed
localStoragePersistent SDK data stored under _OPCUp to 365 days (or until manually cleared)

When no consent is given, the SDK will:

  • create a temporary session ID (random and non-persistent),
  • store it as _OPC.session_uid inside sessionStorage,
  • use it to group analytics events within the same browser session.

This ID is deleted automatically when the session ends.
It cannot identify a user and does not require consent.

Example session data:

{
  "_OPC": {
    "session_uid": "b4f2c1e2-91d3-4a7a-a2c1-f8a3c2d7c5"
  }
}

This allows the SDK to measure simple things like page views or event counts — fully anonymous.

If the user gives consent via your CMP, the SDK can:

  • keep the consent state,
  • track campaign parameters (utm_*) and push permission data,
  • associate events to a server-side profile when your app calls identify (optional).

Example flow:

Hood('consent', { analytics: true });
Hood('identify', 'user_12345');
Hood('trackEvent', 'purchase', { value: 25 });

If consent is later withdrawn, the SDK will stop using identifiable data and continue with anonymous session tracking only.

Identify — server-side only
  • identify payloads are never stored in the browser.
  • Send identify only when you have consent (for example, analytics: true) and do it consistently on login/auth so events can be linked across sessions.
  • We generate and manage the internal profile ID server-side; your external ID is attached to that profile as an attribute.

What Data Is Stored

All data is stored under the single key _OPC.

SubkeyStoragePurposePurpose KeyLifetimeConsent Required
_OPC.session_uidsessionStorageTemporary anonymous session IDtechnicalUntil session ends
_OPC.userConsentlocalStorageConsent states per categorytechnicalUntil changed
_OPC.utm_*localStorageCampaign and attribution parametersmarketingUntil overwritten
_OPC.psh<hash>localStorageFunctional key used to check push permission requests per domain (not user-identifying)technicalUntil overwritten
_OPC.modal_*, _OPC.ab_*, _OPC.webpush_dismissals, _OPC.vtlocalStorageTechnical counters and A/B testing variantstechnicalUntil overwritten

The SDK includes a simple consent interface that should be synced with your CMP.

Pass consent states directly from your CMP:

Hood('consent', {
  analytics: true,
  marketing: true,
  push: false
});

If the user updates consent:

Hood('consent', newConsentState);

Clearing Data

For “right to be forgotten” or user data removal:

Hood('identify', null);
Hood('consent', { analytics: false, marketing: false, push: false });

CMP Configuration Guide

In your Consent Management Provider (CMP), define the following categories and map them to the SDK purpose keys:

PurposePurpose KeyWhen ActiveDescription
Analyticsanalyticsanalytics: trueTracks events tied to a user if consent is granted
Marketingmarketingmarketing: trueEnables UTM parameter storage and campaign attribution
Push Notificationspushpush: trueEnables push permission state tracking (functional, not personal)
Technical vs. consented data
Everything else (session tracking, A/B testing, modal dismissals) is purely technical and not personally identifiable.

Best Practices

  • Send consent to the SDK immediately after your CMP loads
  • Linking events to a person happens server-side via identify and requires consent (no user IDs are stored locally)
  • No data passed via identify() setUserProperties() is saved locally
  • Use unique key names if your app also writes to localStorage
  • Keep your SDK up to date — privacy rules evolve

Quick Reference

Use CaseRequires ConsentStorage
Counting sessionssessionStorage
Measuring page viewssessionStorage
Linking events to a userserver-side only (no local storage)
Sending push notificationslocalStorage (_OPC.psh<hash>)
A/B testing modalslocalStorage (_OPC.ab_*)
Tracking campaigns (UTM)localStorage (_OPC.utm_*)

Summary

  • All SDK data is stored under a single key _OPC in browser storage.
  • Temporary analytics works anonymously during the session.
  • Persistent data (like UTM parameters) is stored only with consent.
  • Push keys (psh<hash>) are functional domain checks — never user identifiers.
  • The SDK is designed to remain fully compliant and privacy-safe out of the box.

Need more technical details?
Check our Integration Guide or contact our support team.

LinkedIn Facebook Instagram