PRIVACY & COMPLIANCE

Built Privacy-First — By Design

AiTRK (collection) and Atrilyx (processing) are designed to respect user privacy and global regulations while preserving the measurement marketers need.

First-Party Cookies

Same-domain CNAME support for ITP compliance. All cookies are first-party, ensuring reliable tracking even in privacy-restricted browsers.

HTTPS-Secure Transport

All data transport and assets are served over HTTPS, preventing mixed-content blocking and ensuring secure data handling.

Data Minimization by Default

Granular tag management ensures only necessary data is collected. Governance controls provide transparent data handling policies.

Consent-Aware Design

Configurable data retention policies and consent-aware design ensure compliance without sacrificing measurement capability.

Frameworks Supported

  • GDPR — Full compliance with EU General Data Protection Regulation principles
  • CCPA — California Consumer Privacy Act compliance
  • HIPAA — Support for healthcare clients' data handling requirements
  • Google Ads Certified — AiTRK is certified by Google Ads as a click tracking solution, ensuring compliance and trust across both regulatory and platform requirements

Compliance and performance can coexist. Learn how your policies map to AiTRK + Atrilyx.

FREQUENTLY ASKED QUESTIONS

Questions About Privacy & Compliance

Yes. AiTRK is designed for GDPR compliance with first-party cookie architecture, data minimization principles, consent management integration, and the ability to honor data subject access requests (DSARs). No personally identifiable information (PII) is stored in the tracking layer.

Yes. AiTRK supports HIPAA requirements for healthcare marketing, including data encryption in transit and at rest, access controls, and audit logging. Healthcare clients use AiTRK to track campaign performance while maintaining patient privacy compliance.

AiTRK integrates with major consent management platforms (CMPs) to respect user consent preferences. When a user declines tracking consent, the pixel does not fire or set cookies. The system supports granular consent categories so users can allow analytics while declining advertising tracking.

No. AiTRK uses a first-party cookie architecture exclusively. Cookies are set under your own domain, either directly or via CNAME configuration. This means AiTRK tracking is not affected by browser third-party cookie deprecation and continues working in Safari, Firefox, and Chrome.

AiTRK collects: page URLs, referrer data, event actions (clicks, forms, purchases), device and browser metadata, IP addresses (hashed for identity resolution), and ad impression/click IDs from integrated networks. AiTRK does NOT collect: names, email addresses, passwords, payment information, health data, or any PII. Identity resolution uses anonymized identifiers.

See What Your Current Tracking Misses

AiTRK is the foundation of the Atrilyx platform. Book a demo to see the full stack — from pixel to AI.

Book a Demo