Documentationbreadcrumb arrow Grafana Cloudbreadcrumb arrow Monitor applicationsbreadcrumb arrow Frontend Observabilitybreadcrumb arrow Settings and policiesbreadcrumb arrow CNIL compliance
Grafana Cloud

Comply with CNIL requirements for Frontend Observability

The French Data Protection Authority (Commission Nationale de l’Informatique et des Libertés, or CNIL) provides guidelines for using analytics and monitoring tools on websites and applications.

If you deploy Frontend Observability in France or target French users, you must implement user consent before collecting telemetry data with the Faro Web SDK.

This page explains how to configure Frontend Observability to comply with CNIL requirements, including:

  • Implementing user consent
  • Informing users about data collection
  • Configuring session lifetime
  • Disabling specific data collection features

Note

This guidance is based on CNIL requirements as of April 2026. CNIL regulations may change over time. Consult with your legal team and refer to the CNIL official guidelines for the most current requirements.

Before you begin

Before implementing CNIL compliance:

  • Determine whether your application is subject to CNIL requirements (deployed in France or targeting French users)
  • Choose a consent management platform (CMP) or implement custom consent logic
  • Review your organization’s privacy policy requirements with your legal team

Configure Frontend Observability for CNIL-aligned use

Grafana Frontend Observability, powered by the Faro Web SDK, is designed to give teams control over what data is collected and how it’s processed. Below are areas to focus on.

As with most use cases unless an exception applies, the CNIL requires explicit user consent before any data is collected. With Faro, this means conditionally loading the SDK only after consent is granted:

JavaScript 
// Only initialize Faro after user consent is obtained
if (userHasConsentedToAnalytics()) {
  const { getWebInstrumentations, initializeFaro } = await import("@grafana/faro-web-sdk");

  initializeFaro({
    url: "YOUR_GRAFANA_CLOUD_URL",
    app: {
      name: "your-app-name",
      version: "1.0.0",
    },
    instrumentations: [...getWebInstrumentations()],
  });
}

Replace userHasConsentedToAnalytics() with your consent management platform’s API or custom consent logic.

Note

The conditional initialization ensures Faro never loads if the user hasn’t consented. This is different from loading Faro and then disabling collection, which could still execute some initialization code.

Inform users about data collection

Before collecting data, users must be informed. Your consent banner or privacy notice should clearly explain that:

  • You use Frontend Observability to monitor application performance and errors
  • The SDK collects performance metrics, errors, logs, and user interactions
  • Data is sent to Grafana Cloud for analysis
  • Users can opt out by refusing or withdrawing consent
  • How long data is retained

This information typically appears in a consent banner or dialog box that the user sees when they first visit your site.

Limit session duration and identifier lifetime

CNIL emphasizes limiting how long users can be tracked. Shorter session durations reduce the risk of user re-identification and help align with CNIL expectations around limited tracking windows.

By default, Faro uses non-persistent sessions:

  • Stored in sessionStorage
  • Expire when the browser tab is closed
  • No tracking across visits

If you enable persistent sessions (stored in localStorage), they persist for up to 16 minutes (15 minutes + 1 minute buffer) by default. You can configure a shorter duration to comply with your privacy requirements:

JavaScript 
initializeFaro({
  url: "YOUR_GRAFANA_CLOUD_URL",
  app: {
    name: "your-app-name",
    version: "1.0.0",
  },
  instrumentations: [...getWebInstrumentations()],
  sessionTracking: {
    enabled: true,
    persistent: true,
    maxSessionPersistenceTime: 5 * 60 * 1000 // 5 minutes (in milliseconds)
  },
});

The maxSessionPersistenceTime value is in milliseconds. Common values:

  • 5 minutes: 5 * 60 * 1000
  • 10 minutes: 10 * 60 * 1000
  • 30 minutes: 30 * 60 * 1000

To learn more, refer to Session tracking.

Minimize data collection

CNIL guidance stresses collecting only what is strictly necessary. Frontend Observability allows you to disable specific telemetry features. This enables you to:

  • Avoid collecting unnecessary logs or user interactions
  • Reduce the scope of telemetry
  • Align with data minimization principles

Frontend Observability is designed to reduce exposure to personal data:

  • No IP address storage by default
  • Optional geolocation derives location and discards IP immediately
  • No built-in cross-site tracking
  • Data scoped per application instance

This supports CNIL expectations around anonymization and avoiding identifiable tracking.

JavaScript 
// Only initialize Faro after user consent is obtained
if (userHasConsentedToAnalytics()) {
  const { getWebInstrumentations, initializeFaro } = await import("@grafana/faro-web-sdk");

  initializeFaro({
    url: "YOUR_GRAFANA_CLOUD_URL",
    app: {
      name: "your-app-name",
      version: "1.0.0",
    },
    instrumentations: [
      ...getWebInstrumentations({
        // Disable error tracking
        captureErrors: false,
        
        // Disable console instrumentation
        captureConsole: false,
        
        // Disable performance instrumentation
        enablePerformanceInstrumentation: false,
        
        // Disable CSP violation tracking
        enableContentSecurityPolicyInstrumentation: false,
      }),
    ],
  });
}

Available instrumentation options:

OptionDefaultDescription
captureErrorstrueCaptures JavaScript errors and unhandled promise rejections
captureConsoletrueCaptures console logs, warnings, and errors
enablePerformanceInstrumentationtrueCaptures navigation timing and resource loading performance
enableContentSecurityPolicyInstrumentationtrueCaptures Content Security Policy violations

Note

Disabling error tracking (captureErrors: false) prevents automatic error collection. You can still manually report errors using faro.api.pushError().

To learn more about specific instrumentations, refer to:

Restrict scope to a single application

The CNIL guidance requires that analytics remain limited to a single site or app unless consent is obtained.

With Faro:

  • Each SDK instance is tied to a specific app.name
  • Data is sent to a specific Grafana endpoint
  • No native cross-site tracking exists

This helps ensure analytics remain within the intended scope.

Prevent data sharing and external use

The CNIL guidance explicitly restricts:

  • Sharing analytics data with third parties
  • Combining analytics with marketing or profiling systems

Frontend Observability aligns with this by design:

  • Data is sent only to your Grafana Cloud stack
  • No integration with advertising networks
  • No automatic data enrichment

Configure retention policies

Retention should be limited and clearly defined.

Grafana Cloud retention defaults:

  • Logs/traces: typically 30 days
  • Metrics: longer-term aggregation (up to 13 months)
  • Custom retention: configurable for enterprise customers

Organizations should review and adjust retention to match their privacy requirements.

If a user withdraws consent:

  • Prevent Faro from initializing on future page loads
  • End active sessions (for example, reload the page)
  • Allow existing data to expire based on retention policies

Consent must be revocable and respected continuously.

Privacy as a trust and product advantage

CNIL compliance is often viewed as complex and challenging—but it can also be a strategic advantage.

By adopting a privacy-first observability approach, organizations can:

  • Reduce reliance on intrusive tracking mechanisms
  • Build user trust through transparency
  • Maintain control over their data
  • Align with evolving European privacy standards

Grafana’s architecture—focused on control, flexibility, and minimal data assumptions—makes it a strong foundation for teams prioritizing privacy.

Final Thoughts

CNIL’s guidance reinforces a broader shift: analytics should be purpose-driven, minimal, and transparent.

Grafana Frontend Observability provides the building blocks to implement these principles—but compliance ultimately depends on how you configure and use the platform.

Always consult your legal and privacy teams and refer to CNIL’s official guidance for the most current requirements.

With the right setup, it’s possible to gain meaningful insights while respecting user privacy—and turning privacy compliance into a competitive differentiator.

Frequently asked questions

Does Frontend Observability collect full IP addresses by default?

No. The Faro collector endpoint doesn’t log or store IP addresses. When you enable geolocation (it’s disabled by default), the collector derives location from the IP address and immediately discards the IP.

Is IP truncation configurable?

IP truncation isn’t required because Frontend Observability doesn’t store IP addresses. When you enable geolocation, the Grafana Cloud collector uses the IP address to derive location information and immediately discards the IP.

What is the session ID lifetime?

By default, Faro uses non-persistent sessions:

  • Session IDs are randomly generated and stored in sessionStorage
  • Sessions expire when you close the browser tab or window
  • No data persists between visits

If you enable persistent sessions:

  • Session IDs are stored in localStorage
  • Sessions persist up to maxSessionPersistenceTime (default: 16 minutes)
  • Sessions continue across browser restarts

Refer to Limit session duration and identifier lifetime for details on configuring persistent session duration.

Are retention controls configurable?

Retention periods are configured at the Grafana Cloud stack level:

  • Free tier: 14-day retention
  • Default retention: 30 days for logs/traces
  • Metrics: up to 13 months
  • Custom retention: available through enterprise contracts

Contact your Grafana Labs representative to adjust retention periods.

Does Frontend Observability share data with third parties?

No. Frontend Observability doesn’t join Faro data with marketing systems or share data with third parties. Data is sent to your Grafana Cloud stack and isn’t shared externally.

Can I use Frontend Observability for a single site only?

Yes. Each Faro SDK instance is initialized with a specific app.name and sends to a specific Grafana Cloud endpoint. There is no built-in cross-site tracking mechanism.

What happens if a user withdraws consent?

If a user withdraws consent, you must stop collecting new data:

  • Prevent Faro from initializing on subsequent page loads by checking consent status before calling initializeFaro()
  • If the user is on an active session when they withdraw consent, reload the page to ensure Faro isn’t running
  • Existing data in Grafana Cloud follows your configured retention period and is automatically deleted after that time

Frontend Observability doesn’t provide automatic consent withdrawal handling. You must implement this in your consent management platform.