Grafana Cloud

Data Privacy in Frontend Observability

Grafana Faro Web SDK powers Frontend Observability and is configurable to match your data privacy needs.

Privacy considerations

Faro has a privacy-friendly design.

Collection of user data

Faro doesn’t collect any personal data by default.

However it’s possible to collect personally identifiable information unintentionally, therefore consider what user information you store.

If you intend to use this feature, ensure you have collected user consent in a way that complies with your data privacy framework.

To learn more about how to identify users, consult the user meta architecture documentation.


Faro doesn’t store or use any cookies.

Faro stores session information in the browsers web-storage which has the following structure.

export interface FaroUserSession {
  sessionId: string; // randomly created sessionID
  lastActivity: number; // last user/browser activity
  started: number; // when the session has been started
  isSampled: boolean; // is the session part of the sample
  sessionMeta?: MetaSession; // a copy of the in-memory session meta object

Local Storage

Faro uses local storage to save the state of the user session. By default, the session state doesn’t contain any personal data.

The data has no max lifetime. If the session is alive for longer than maxSessionPersistenceTime for a recurring visitor, Faro removes the data.


Faro stores custom attributes that are manually added to a user session in sessionMeta. Never store in the session meta.

Proxying data to Frontend Observability

If you want to prevent the Faro or your users from sending any data directly to Grafana Cloud, you can proxy the data through your own backend.

Learn more how to proxy data in the data proxy documentation.