How data flows through our system, what we collect, how we process it, and the steps we've taken to protect your visitors' privacy.
Last updated March 31, 2026
We believe in radical transparency about how your data flows through our system. Unlike many analytics providers, we want to show clearly what happens when someone visits your website, interacts with your content, or converts through your brand.
We've designed Bantico to be privacy-aware from the ground up. We focus on understanding sources, content, and conversions without relying on invasive tracking patterns.
When someone visits your website, our lightweight script can send a pageview event with basic information about the visit.
The browser naturally sends us the visitor's IP address and User-Agent string. We also receive the page URL, referrer, and your project token so we know which Bantico workspace the visit belongs to.
By default, our implementation is designed to minimize unnecessary persistence and support privacy-conscious analytics workflows.
If a visitor has Global Privacy Control or Do Not Track enabled, your implementation and consent setup should respect those preferences.
You may choose to send personal data through identify-style events or custom event properties. Please review your consent and GDPR setup before doing so.
Beyond basic pageviews, Bantico can support these event types:
| Event type | Description |
|---|---|
| Pageview | Automatically tracked when someone visits a page. |
| Identify | Used when a product owner chooses to connect anonymous activity to a known user profile. |
| Outgoing | Tracked when someone clicks a link or button that leads to another website. |
| Custom | Custom product events such as button clicks, form submissions, or content interactions. |
| Heartbeat | Periodic events that help estimate page duration and session continuity. |
| Performance | Core Web Vitals metrics such as LCP, CLS, INP, FCP, and TTFB. |
Before we process visitor data, requests can go through security checks. We filter suspicious traffic and use rate limiting to reduce abuse and help keep analytics cleaner and more reliable.
If an IP address makes too many requests in a short period, it may be temporarily limited. These records are used for protection and not for profiling.
Once a request passes these checks, we process the visitor data for analytics and attribution purposes.
To support privacy-conscious analytics, Bantico can create an anonymous visitor signature using request metadata and project-level context.
This may include the visitor's IP address, User-Agent string, your project token, and rotating salts or similar privacy-preserving methods, depending on implementation.
IP addresses may also be used briefly to derive approximate geolocation. After that, only coarse location information such as city, region, country, or country code should be retained when needed.
We do not aim to store precise user coordinates. When location visualization is needed, city-level or similarly coarse granularity should be used.
This helps provide another layer of privacy for your visitors while still allowing useful source and location insight.
After processing, your analytics and attribution data is stored in systems chosen for product performance, reliability, and security.
We organize your data into four main buckets:
| Data type | What’s stored |
|---|---|
| Events | Pageviews, clicks, and custom events with anonymous signatures, browser info, location data, and page details. |
| Sessions | Aggregated session data such as session length, page depth, bounce behavior, and continuity metrics. |
| Profiles | Anonymous visitor profiles that can optionally include personal information if identify functionality is used. |
| Performance | Core Web Vitals metrics associated with page visits and sessions. |
Most data is retained while your account is active unless you delete it. Specific retention periods may vary by feature and by the tools connected to Bantico.
Long-term retention helps you understand how your website, sources, and business change over time. You can delete your project or account to remove your data from our systems.
Events may also be queued briefly for background processing so we can batch operations efficiently and apply safeguards before storage.
We work with a small number of carefully chosen partners to deliver our service. Here's who helps us operate Bantico.
| Partner | What they do for us |
|---|---|
| Google Cloud | Hosts Bantico infrastructure and core services, including Firebase-backed functionality used to run the product securely. |
| Resend | Sends account emails, billing notifications, and important product updates. They do not power Bantico analytics itself. |
| Stripe | Handles payment processing and billing-related features. They only see payment-related data. |
| Mapbox | Powers maps and location visualizations inside the product. |
We believe transparency builds trust. That's why we explain how your data flows through Bantico, what we collect, and how we aim to protect visitor privacy.
We do not build Bantico to sell your data to third parties. Your data belongs to you.
If you have questions about how we handle data or want clarification on any part of this policy, contact us at hello@bantico.com.
