builder icon indicating copy to clipboard operation
builder copied to clipboard

Published 20 hours ago verified publisher icon BuilderIO

Feature request: disable client-side tracking via Pixel

Open thomkrupa opened this issue 1 year ago • 7 comments

Hey,

This is more like a feature request.

I believe it's not appropriate to track traffic by Builder via Pixel, especially when there is a canTrack prop. Even if it's set to false, it still sends tracking requests.

I recently discovered this, and it's a significant blocker for us and many of our clients. This practice is not GDPR-friendly and is quite unusual for a Headless CMS.

I think tracking should happen server-side. I assume Builder has data on the number of API requests, etc.

What is Builder's stance on this? I saw a post on the community forum stating that it's a "critical" feature. I would like to raise awareness about this issue, get a clear response from Builder, and eventually plan a migration for ourselves if there is no option to disable client-side tracking.

Thanks!

thomkrupa avatar Jun 07 '24 10:06 thomkrupa

This is a real problem in the company where I work. Google is disapproving all our marketing pages because of this tracking, and we are losing lots of money. I stopped using builder.io for our marketing pages and started looking for a new solution. It is a shame.

leandrosimoes avatar Sep 24 '24 14:09 leandrosimoes

Hi @leandrosimoes, can you elaborate on how Google is "disapproving" your marketing pages? What is the exact issue you're encountering? How are you losing money?

For the record, we answered @thomkrupa on a different channel, but will paraphrase here:

Our pixel is used for commercial purposes to track the number of views a content entry receives. Our pixel is a javascript-free API endpoint that fires when content is rendered. No identifying or personal information is captured nor stored.

samijaber avatar Sep 24 '24 19:09 samijaber

@thomkrupa Good to see, that I'm not the only one who was concerned about this issue.

@samijaber

No identifying or personal information is captured nor stored.

Let me enlighten you about the GDPR: The very first personal information of a visitor is his IP address. The time at which Builderio's servers process any http requests from the client, is enough to be requried to collect visitor consent for that.

Detzler avatar Dec 06 '24 16:12 Detzler

Any news about that? Honestly it can be easely bypass by rewriting using a reverse proxy. It seems also that your sdk is putting multiple pixel (this is what I see on my builder interface).

MaximeGratens avatar Dec 12 '24 13:12 MaximeGratens

Can we get an official statement from Builder saying this adheres to GDPR and other privacy laws? I don't think it should be tracking anything until the user has opted in, depending on what's tracked.

nerdyman avatar Apr 08 '25 17:04 nerdyman

Hey @nerdyman and @MaximeGratens, we've expanded on our GDPR docs-related content. Let me know if this helps or if you have any outstanding questions and I will take them back to the team. If the content does show up, please refresh:

kapunahelewong avatar May 15 '25 23:05 kapunahelewong

~~Thanks @kapunahelewong, the metrics tracking is clear but the specifics on how the tracking pixel records views isn't clear to me yet.~~

~~Are there details on how the tracking pixel works under the hood, e.g. does it use a unique ID to track specific users or does it just record each time the pixel is requested? The main concern from my side is that it could uniquely track visitors without consent.~~

Sorry missed the tracking pixel section at the bottom of the page, that clears everything up for me, thanks @kapunahelewong!

nerdyman avatar Jun 06 '25 13:06 nerdyman