How can I turn off a session ID?

Administration

Needed permissions: owner

Sometimes you may want to turn off a Session ID and not use it to recognize visitor’s sessions. It could be because you want to stay compliant with some privacy laws or for other reasons.

The Session ID is a way to identify each session. Our backend tracker creates a hash for each session based on the visitor’s IP address, operating system, browser name, browser version, browser language and enabled browser plugins. During tracking, a temporary link between Session ID and Visitor ID is created. The tracker uses that link to recognize events belonging to the same session.

The link between Session ID and Visitor ID expires 30 minutes after the last event. Since we don’t store the Session ID anywhere else, it’s impossible to determine returning visitors relying solely on its value.

The hash itself is not available in any report, but the data used for creating it is visible in raw requests in the tracker debugger for 6 hours. After that time, it’s stored in raw log format for 30 days, but it’s not available in the application interface (We store it only for security reasons: (1) to protect us against malicious actions and bots, (2) to troubleshoot any tracking issues, (3) to recover data in case of data losses.). After that time, it’s permanently deleted.

The tracker uses Session ID as a primary mechanism to recognize sessions or as a fallback mechanism when it can’t create cookies and use Visitor ID.

To turn off Session ID, follow these steps:

  1. Go to Menu > Administration.
  2. Navigate to Sites & apps.
  3. On the left, pick a site or app you want to work with.
  4. Navigate to Privacy.
  5. Ask visitors for consent needs to be turned off.
    Ask visitors for consent (off)
  6. Turn off Use a session ID.
    Use a session ID (off)
  7. Click Save.

Comparison of options

We’ll now show you how your data might change when the session ID is deactivated. We’ll also compare different data collection methods, helping you understand how combining them can influence your data.

Cookies & session ID No cookies No session ID No cookies & session ID
Mechanisms used to collect data
First-party cookies (1) (1)
Local storage
Session ID (2)
Visitor’s IP address Yes / No (3) Yes / No (3)
Visitor ID
Collected data
Capture all traffic
New vs. returning visitors
Visitor’s session (4)
Visitor’s location Latitude, Longitude, Organization, Provider, City, Region, Country, Continent Latitude, Longitude, Organization, Provider, City, Region, Country, Continent Latitude, Longitude, Organization, Provider, City, Region, Country, Continent Latitude, Longitude, Organization, Provider, City, Region, Country, Continent
Events
Traffic sources
Channel attribution Last-click, position-based, first-click, last-non-direct-click, time-decay, linear and custom models Last-click Last-click, position-based, first-click, last-non-direct-click, time-decay, linear and custom models
Privacy laws
Compliant with Countries without privacy laws,
CCPA (5), HIPAA (7)
Cookie laws, HIPAA (7) Cookie laws, HIPAA (7) GDPR, UK GDPR/PECR (6), TTDSG (6), HIPAA (7)
  1. Some triggers in Tag Manager set cookies to function correctly.
  2. We create a session ID to recognize the visitor’s session. We only use it for 30 minutes since the last event.
  3. You can mask visitors’ IP addresses under Administration > Sites & apps > Privacy > Mask IP addresses. An IP address gives you a visitor’s location. Masking it removes the selected number of bytes from the address before saving it to the database. Nobody will ever see the full address. Masking an address can enhance visitor privacy, as you won’t be able to see their precise location.
  4. Each event is a new session.
  5. You need to add an opt-out form (“do not sell my personal data”).
  6. Assuming the product is set up to avoid storing additional device-level information, such as screen resolution or browser plugins. You can set it in Administration > Sites & apps > Privacy > Don’t collect visitor’s device data (on).
  7. If you have the Enterprise plan and have signed a BAA with us.  

Was this article helpful?

Technical support

If you still have any questions, visit our community.
There’s always someone happy to help!

Back to help center