Cookieless Mode

By default, Revly uses first-party cookies to identify returning visitors and maintain sessions. If your site requires strict privacy compliance (GDPR, LGPD), you can switch to cookieless mode. The choice is made per site, and you can change it at any time.

How to enable

1. Go to your site's Privacy Settings in the dashboard.
2. Click Enable Cookieless Mode and confirm the trade-offs in the dialog.
3. Copy the updated snippet from General Settings. It will include the data-cookieless attribute:

<script
  defer
  data-site-id="YOUR_SITE_TOKEN"
  data-cookieless
  src="https://revly.pro/script.js">
</script>

The tracker reads the data-cookieless attribute on load. Without it, the tracker uses cookie mode regardless of your dashboard setting, so always update the snippet after switching modes.

How cookieless attribution works

When cookieless mode is active, the tracker sends an empty visitor_id. The server computes a daily fingerprint from a combination of the masked IP address, user agent, site ID, and current date. This fingerprint is hashed with SHA-256 and rotates at midnight UTC. It is never stored as-is and cannot be used to reconstruct any personal information.

The consequence is that a visitor who returns the following day will appear as a new visitor in the dashboard. Within a single day, attribution is accurate.

What still works in cookieless mode

• Pageview tracking
• Custom events via revly.track()
• User identification via revly.identify(), which uses localStorage, not cookies
• Geo, device, browser, and referrer attribution
• Goals and conversion tracking
• Bot filtering and exclusion rules

Switching back to cookie mode

Go to Privacy Settings, disable cookieless mode, and replace the snippet on your site (removing the data-cookieless attribute). Existing cookies from previous visitors will resume being used once the updated snippet is live. No data is lost.