1. Overview and Scope
This Privacy Policy applies to the Wolf Analytics platform operated by Wolf Analytics LLC ("Wolf Analytics," "we," "us," or "our"), including the analytics dashboard hosted at analytics.wolfai.dev, the tracking API at analapi.wolfai.dev, and the JavaScript tracking snippet delivered from our CDN. It covers two categories of individuals: account holders who sign in to our dashboard to view analytics data, and end users whose browsing activity is collected by the tracking snippet embedded on websites operated by our customers. Our customers are the data controllers for the end-user analytics data collected through their websites. Wolf Analytics acts as a data processor on their behalf, processing data strictly according to the instructions defined by the privacy mode the customer selects.
Wolf Analytics offers two distinct privacy modes that govern what data is collected and how it is handled. Customers choose their privacy mode at the project level, and the mode determines the full scope of data collection, storage, and processing for all traffic tracked under that project. This policy describes both modes in detail so that end users and customers alike can understand exactly what data flows through our systems.
2. Data Collection in GDPR Mode
When a customer configures their project in GDPR mode, Wolf Analytics applies the most restrictive data collection profile available. Visitor IP addresses are never stored in their raw form. Instead, each IP address is hashed using SHA-256 combined with a rotating cryptographic salt before any data reaches persistent storage. The resulting hash is used solely for session attribution and cannot be reversed to recover the original IP address. User-agent strings are parsed server-side to extract only the browser family and operating system family (for example, "Firefox" and "macOS"). The full user-agent string is discarded immediately after parsing and is never written to the database.
Geographic resolution in GDPR mode is limited to country and region level. We do not store city names, postal codes, or latitude/longitude coordinates for GDPR-mode projects. Session replay, heatmap recording, and mouse-movement tracking are completely disabled in this mode. No DOM snapshots, click coordinates, scroll depths beyond aggregate page-level metrics, or input field values are captured. This mode is designed to comply with the European Union General Data Protection Regulation and similar privacy frameworks by minimizing data collection to what is strictly necessary for aggregate web analytics.
3. Data Collection in International Mode
International mode provides a broader data collection profile for customers whose regulatory environment and end-user consent mechanisms permit more detailed analytics. In this mode, IP addresses are stored in their original form to enable precise geographic lookups and fraud detection. The full user-agent string is retained alongside parsed browser and operating system metadata, which allows customers to analyze traffic patterns at the level of specific browser versions, device models, and rendering engines. Geographic data is resolved to city level and includes latitude and longitude coordinates, which power the map visualization features in the Wolf Analytics dashboard.
Session replay is available in international mode. When enabled, the tracking snippet records mouse movements, click positions, scroll behavior, and DOM mutations. All text input fields are masked by default to prevent accidental capture of passwords, credit card numbers, or other sensitive form data. Replay data is batched on the client and transmitted to the tracking API in compressed payloads. Customers can use this data to watch reconstructed browsing sessions in the dashboard, build heatmaps of click density across page elements, and identify usability friction points. The customer is responsible for ensuring appropriate end-user consent before enabling international mode and session replay on their properties.
4. How Data Is Collected
Data enters the Wolf Analytics platform through a lightweight JavaScript tracking snippet that customers embed on their websites. The snippet is served from our CDN and initialized with a project-specific API key and the selected privacy mode. Once loaded, the snippet sends events to our tracking API endpoints: pageview events when a visitor navigates to a new page, custom events triggered by specific user interactions such as button clicks or form submissions, identity events that allow customers to link anonymous sessions to known user identifiers, and conversion events that record downstream business outcomes such as purchases or sign-ups.
All data is transmitted over HTTPS. The tracking snippet communicates exclusively with the analapi.wolfai.dev API. In international mode, an additional replay endpoint accepts batched session replay events. Each request includes the project API key for authentication and routing. The tracking snippet does not execute any third-party code, does not load external resources beyond the single script file, and does not inject advertising pixels or social media trackers into the host page. Our API validates the origin of incoming requests against the allowed domains configured in each project to prevent unauthorized data injection.
5. Data Storage and Security
Analytics data is stored in PostgreSQL databases with encryption at rest enabled at the storage layer. Database connections use TLS to protect data in transit between application servers and the database. Access to production databases is restricted to authorized personnel through SSH tunnels with key-based authentication, and all administrative access is logged. We use async connection pooling through SQLAlchemy 2.0 to manage database connections efficiently and prevent resource exhaustion under high ingest volumes.
Application secrets including database credentials, JWT signing keys, Stripe API keys, and the IP hashing salt are stored in environment variables and never committed to version control. Our backend application is built on Python FastAPI with strict input validation on all API endpoints. Authentication for dashboard access uses JWT tokens with configurable expiration. Session tokens are revocable, and the authentication system supports forced logout of all active sessions for a given account. Redis is used for ephemeral caching and real-time features such as Server-Sent Events for live dashboard updates, and it does not serve as a primary store for analytics data.
6. Data Retention
Wolf Analytics retains analytics data for the duration of the customer's active subscription. Aggregated analytics data such as pageview counts, traffic source breakdowns, and conversion metrics are retained for the lifetime of the project. Detailed session-level data, including individual pageview records, event logs, and session replay recordings, is retained according to the customer's plan tier. Customers on higher-tier plans may retain session data for longer periods. The specific retention windows for each plan tier are described on our pricing page.
When a customer deletes a project, all associated analytics data, including raw events, aggregated metrics, session replays, and heatmap data, is permanently removed from our databases within 30 days. When a customer closes their account entirely, all projects and associated data are queued for deletion on the same 30-day schedule. We do not retain analytics data after deletion for any purpose, including statistical analysis or model training. Backup systems that may transiently contain deleted data are rotated on a 90-day cycle, after which all traces of deleted data are purged from backup storage.
7. Third-Party Services
Wolf Analytics relies on a limited set of third-party services to operate the platform. Cloudflare provides CDN delivery for the tracking snippet, DDoS protection, and edge caching for static assets. Cloudflare may process visitor IP addresses transiently as part of its network routing and security functions. We use Cloudflare's geographic headers as a fallback mechanism for visitor geolocation when our primary MaxMind database lookup is unavailable. Cloudflare's privacy policy governs how they handle network-level data that passes through their infrastructure.
MaxMind GeoIP databases are used for geographic resolution of visitor IP addresses. The MaxMind database runs locally on our servers, and IP addresses are not transmitted to MaxMind for lookup. Stripe processes all payment transactions for Wolf Analytics subscriptions. When you subscribe to a paid plan, your payment information (credit card number, billing address) is collected and processed directly by Stripe and is never stored on Wolf Analytics servers. Stripe's webhook notifications inform our system of subscription status changes. We do not use any third-party analytics services, advertising networks, or data brokers. No analytics data collected through our platform is shared with, sold to, or made accessible to any third party.
8. Cookies and Local Storage
Wolf Analytics does not set any third-party cookies. The tracking snippet embedded on customer websites operates without cookies entirely. Visitor identification for session continuity is handled server-side through hashed IP and user-agent combinations in GDPR mode, and through IP-based session attribution in international mode. This means the Wolf Analytics tracking snippet does not contribute to cookie consent banner requirements in jurisdictions that regulate cookie usage, because no cookies are written to the visitor's browser by our code.
The Wolf Analytics dashboard application, which is used by our customers to view their analytics data, uses browser localStorage for a single purpose: storing the customer's theme preference (light or dark mode). This localStorage entry contains no personally identifiable information and is not transmitted to our servers. JWT authentication tokens for dashboard sessions are handled through secure HTTP mechanisms. We do not use localStorage, sessionStorage, or IndexedDB for tracking purposes on customer websites under any privacy mode.
9. Account Holder Data
When you create a Wolf Analytics account, we collect your email address and a hashed password. Email addresses are used for authentication, account recovery, billing correspondence, and critical service notifications such as security alerts or breaking changes to the API. We do not send marketing emails unless you have explicitly opted in to receive them. Account holders may also provide a display name and organization name, which are stored for use within the dashboard interface. Billing information provided during subscription is processed and stored by Stripe and is not retained on our servers.
Superadmin accounts, which are used for platform administration and cross-account diagnostics, have access to aggregated metrics across all accounts. Superadmin access is restricted to authorized Wolf Analytics personnel and is governed by internal access control policies. All superadmin actions, including context switching between accounts, are logged for audit purposes. Account holder data is retained for the duration of the active account. Upon account closure, email addresses and associated metadata are deleted within 30 days, consistent with the data retention schedule described in Section 6.
10. Your Rights
If you are an account holder, you may access, correct, or delete your personal data at any time through the dashboard account settings or by contacting us at [email protected]. You have the right to request a complete export of your account data in a portable, machine-readable format. We will fulfill data portability requests within 30 days of receipt. You may also request that we restrict processing of your data or object to specific processing activities, and we will honor such requests to the extent required by applicable law.
If you are an end user whose browsing activity has been collected through a customer's website, your primary point of contact for data rights is the website operator (our customer), who is the data controller. However, you may also contact us directly, and we will work with the relevant customer to fulfill your request. For GDPR mode projects, end-user data is pseudonymized through IP hashing and cannot be linked back to a specific individual without access to the original IP address and the hashing salt. We support the right of access, the right to erasure, the right to rectification, and the right to data portability under the GDPR, CCPA, and similar data protection regulations in applicable jurisdictions.
11. Data Processing Agreements
Wolf Analytics offers a Data Processing Agreement (DPA) for customers who require one under the GDPR or other data protection regulations. The DPA establishes the terms under which Wolf Analytics processes personal data on behalf of the customer, including the categories of data processed, the purposes of processing, the duration of processing, and the technical and organizational measures we implement to protect the data. Our standard DPA includes Standard Contractual Clauses (SCCs) for international data transfers where applicable.
Customers who need a signed DPA can request one by contacting [email protected]. We provide pre-signed DPAs for enterprise-tier customers and will execute custom DPAs upon request for customers with specific regulatory requirements. The DPA is incorporated by reference into the Wolf Analytics Terms of Service and governs the processing of personal data to the extent that such processing is subject to applicable data protection legislation. We are committed to transparency about our data processing practices and will cooperate with customers in responding to data protection authority inquiries.
12. Children's Privacy
Wolf Analytics is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. Our platform is a business-to- business analytics tool intended for use by website operators and their authorized personnel. The Wolf Analytics dashboard requires account authentication, and accounts may only be created by individuals who are at least 18 years of age or the age of majority in their jurisdiction, whichever is greater.
If we become aware that we have inadvertently collected personal information from a child under 13, we will take prompt steps to delete that information from our systems. If you believe that a child under 13 has provided personal information to Wolf Analytics or that analytics data has been collected from a child-directed website without appropriate safeguards, please contact us immediately at [email protected] so that we can investigate and take appropriate action. Customers who operate websites directed at children are responsible for ensuring compliance with COPPA, the Children's Code, and similar regulations before deploying any analytics tracking.
13. International Data Transfers
Wolf Analytics is operated from the United States. Analytics data collected from end users in the European Economic Area, the United Kingdom, Switzerland, or other jurisdictions with data transfer restrictions may be transferred to and processed in the United States. For customers using GDPR mode, the privacy protections described in Section 2 apply regardless of where the data is processed, and the pseudonymization through IP hashing ensures that transferred data cannot be linked to identifiable individuals without disproportionate effort.
Where Standard Contractual Clauses or other approved transfer mechanisms are required, we include them in our Data Processing Agreement. Customers who need assurance about the legal basis for international data transfers should request our DPA, which documents the specific safeguards and transfer mechanisms in place. We monitor regulatory developments related to cross-border data transfers and will update our transfer mechanisms as necessary to maintain compliance with applicable data protection laws.
14. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our data practices, regulatory requirements, or platform capabilities. When we make material changes, we will update the effective date at the top of this page and, for changes that significantly affect how we collect or process data, we will notify account holders by email at least 30 days before the changes take effect. We encourage you to review this page periodically to stay informed about our privacy practices.
Non-material changes, such as clarifications, formatting updates, or corrections of typographical errors, may be made without advance notice. The version history of this policy is maintained in our source code repository, and previous versions are available upon request. Your continued use of Wolf Analytics after a policy update constitutes acceptance of the revised terms. If you disagree with any changes, you may close your account and request deletion of your data as described in Section 6.
15. Contact Information
If you have questions about this Privacy Policy, want to exercise your data rights, or need to report a privacy concern, contact us at:
We aim to respond to all privacy-related inquiries within 10 business days. For data access, correction, deletion, or portability requests, we will acknowledge receipt within 5 business days and complete the request within 30 calendar days. If we need additional time due to the complexity of the request, we will notify you of the expected timeline and the reasons for the delay. If you are located in the European Economic Area, you also have the right to lodge a complaint with your local supervisory authority if you believe that our processing of your personal data violates applicable data protection law.