@mattab opened this Issue on September 1st 2020 Member

Can we update the FAQ at https://matomo.org/faq/general/faq_21418/ to mention for example:

  • A fingerprint is basically valid for up to 30 minutes after the visit ends (unless different visit length is configured)
  • The fingerprint always includes a random hash. These randomised "hashes" added to each fingerprint are changed every 24 hours. Meaning the same visitor will have a totally different fingerprint every day and therefore no person or device can be identified across multiple days (unless of course the tracking cookies are enabled). The used hashes for the anonymising are also deleted periodically so there's no way to identify a person over several days. (unless of course the tracking cookies are enabled)

  • As a result, no cookie consent is needed for this very limited fingerprint.
  • Mention how the fingerprint is different when create_new_visit_after_midnight=0 or when enable_fingerprinting_across_websites=1

From #15886 #13655

Powered by GitHub Issue Mirror