Data Privacy in Frontend Observability
Grafana Faro Web SDK powers Frontend Observability and is configurable to match your data privacy needs.
Privacy considerations
Faro has a privacy-friendly design.
Collection of user data
Faro doesn’t collect any personal data by default.
However it’s possible to collect personally identifiable information unintentionally, therefore consider what user information you store.
If you intend to use this feature, ensure you have collected user consent in a way that complies with your data privacy framework.
To learn more about how to identify users, consult the user meta architecture documentation.
Cookies
Faro doesn’t store or use any cookies.
Faro stores session information in the browsers web-storage which has the following structure.
export interface FaroUserSession {
sessionId: string; // randomly created sessionID
lastActivity: number; // last user/browser activity
started: number; // when the session has been started
isSampled: boolean; // is the session part of the sample
sessionMeta?: MetaSession; // a copy of the in-memory session meta object
}Local Storage
Faro uses local storage to save the state of the user session. By default, the session state doesn’t contain any personal data.
The data has no max lifetime. If the session is alive for longer than maxSessionPersistenceTime for a recurring visitor, Faro removes the data.
Note
Faro stores custom attributes that are manually added to a user session insessionMeta. Never store in the session meta.
Proxying data to Frontend Observability
If you want to prevent the Faro or your users from sending any data directly to Grafana Cloud, you can proxy the data through your own backend.
Learn more how to proxy data in the data proxy documentation.
Was this page helpful?
Related resources from Grafana Labs
