HTMLRadar

HTMLRadar · Hosted service

Privacy.

How HTMLRadar handles the data it collects. This policy applies to the hosted version at htmlradar.com. If you self-host, you own the data and write your own policy.

What we collect

When a recipient opens a tracked share, we record:

  • The email address they enter at the gate, if the share requires one.
  • A random fingerprint — a UUID we generate and store in their browser's localStorage. No cross-site value.
  • Session metrics: start time, total active time, max scroll depth, sections read with dwell.
  • Coarse network metadata: IP-derived country and city (we never store the IP itself), device / OS / browser from the user-agent, referrer URL.

We don't collect keystrokes, mouse positions, third-party trackers, anything from outside the document, or anything that identifies the recipient beyond the email they provided.

Where data lives

  • Document HTML you upload — Cloudflare R2, encrypted at rest in the region of your bucket.
  • All other data — Supabase Postgres, encrypted at rest.
  • Sentry receives crash data only. No personal data.

Who can see your data

Only the document owner can see analytics about their shares. Postgres Row Level Security enforces this at the database layer — an authenticated user querying directly cannot see another user's data.

Operators of the hosted service have technical access to the underlying database for support and abuse investigation. Access is logged and limited.

Data retention

Sessions and section events are retained for 365 days by default. You can configure shorter retention per document. Deleting a document removes all of its sessions, section events, and uploaded HTML within 24 hours.

Right to delete

Recipients can have their data removed by emailing privacy@htmlradar.com with their email address. All viewer rows and associated sessions linked to that email are removed within 14 days.

Opt out

A recipient can opt out of tracking by calling window.HTMLRadar.optOut() in the browser console of any tracked page. The opt-out persists in their localStorage and applies to every HTMLRadar link they open in that browser afterwards.

Cookies

The hosted service uses session cookies for authentication, set when you sign in. Tracked share links may set a temporary cookie when a password is required, scoped to that share. No third-party analytics or advertising cookies.

Open source

HTMLRadar is AGPL-3.0 open source. You can audit exactly what the tracker collects and how it's transmitted at github.com/htmlradar/htmlradar.

Contact

privacy@htmlradar.com

← Back to home