Closient’s analytics pipeline is built to give you long-term visibility into how your products are scanned while keeping the underlying data non-personal by design. This page describes what’s captured, how long it’s kept, and the privacy stance behind those choices.Documentation Index
Fetch the complete documentation index at: https://docs.closient.com/llms.txt
Use this file to discover all available pages before exploring further.
Retention at a glance
Analytics data is stored in two tiers:| Tier | What it is | Retention | Used by |
|---|---|---|---|
| Raw scan events | One row per scan (GTIN, timestamp, derived country, device class, bot flag, batch/lot if encoded) | 90 days | Detailed drill-down, recent debugging, export of recent activity |
| Daily aggregates | Per-product, per-day rollups of scan counts plus country / device / hour / AI-traffic breakdowns | Indefinite | Long-term trend lines, year-over-year comparisons, brand analytics endpoints |
ScanDailySummary row for each product that had scans that day. Once a day has been rolled up, the raw events for that day remain queryable for 90 days, then a daily purge task deletes them. The aggregate row stays forever.
Practical impact: anything you can already see in the Brand Analytics scans endpoint — total scans, billable vs bot, country breakdown, device breakdown, daily volume timeline — is computed from the indefinitely-retained aggregate. You do not lose visibility into history when raw events age out.
The raw-event purge is safety-railed: if the daily rollup hasn’t caught up to the cutoff date yet (e.g. a Celery outage delayed it), the purge task aborts rather than delete raw events the aggregator never summarized.
What is not captured
Closient analytics are designed so that no individual consumer can be re-identified from a scan record. Specifically:- No IP address is stored. The IP from the scan request is used only to derive a coarse country code (via MaxMind GeoLite2), then discarded before the row is written.
- No browser or device fingerprints. No canvas hashes, no WebGL probes, no font enumeration, no audio fingerprints — none of the techniques common to ad-tech stacks.
- No cookies, no persistent identifiers, no cross-site tracking. A scan is recorded as an isolated event, not as part of a user journey.
- No precise geolocation. Country is the most precise geo dimension stored. Latitude/longitude from scanner apps is never persisted to the analytics tables.
- No user agent string. Only a derived device class (
mobile,tablet,desktop,bot) and a coarse user-agent family are kept.
bot_scans) so you can see the volume without it polluting your billable-scan totals.
GDPR alignment
Because Closient analytics events contain no personal data — no IP, no identifier, no fingerprint, only coarse derived dimensions — they are non-personal data within the meaning of the GDPR. There is no data-subject record to look up, rectify, or erase: there is no subject in the data in the first place. We document retention windows here anyway. Even though GDPR’s storage-limitation principle does not strictly apply to non-personal data, treating retention as an explicit contract is good hygiene and gives you a clear answer when your own privacy reviewers ask. For the consumer-facing privacy policy, cookie policy, AUP, and terms of service, see the canonical legal pages: All Closient legal policies are managed through Iubenda — we do not maintain bespoke policy text here.How retention is configured today
The raw-event retention window is currently a single global value (90 days) applied to every organization. Tier-aware retention — where Free / Paid / Enterprise plans get different raw-event windows — is on the roadmap but not yet live. When it ships, this page will be updated to show the per-tier table. If you have a regulatory or contractual requirement to retain raw events for longer than 90 days, contact support@closient.com.Roadmap items not yet shipped
The following parts of the long-term analytics retention design are still in flight. They are listed here for transparency; this page will be updated when each lands so what you read here always matches what is running in production.- Hourly rollups + HyperLogLog uniques. A second aggregate tier between raw events and daily rollups, plus privacy-preserving unique-visitor counts via HyperLogLog sketches (no identifiers stored — only a fixed-size probabilistic structure that approximates the unique count).
- Tier-aware retention windows. Per-subscription-tier raw-event retention (Free / Paid / Enterprise).
- Page-visit retention. Equivalent retention tiers for
PageVisitEvent— the hosted-page render analogue of scan events — once the rollup pipeline for those lands.
Related
Understanding Analytics
Day-to-day guide to reading scan data and search performance.
Dashboard API
Brand-analytics endpoints that query the indefinitely-retained aggregates.