A session is a visit to your site or app from a single visitor. It consists of events like page views, downloads, ecommerce conversions and the like.
A session starts with the first event and ends 30 minutes after the last event. This means that when the time gap between two events is longer than 30 minutes, a new session is created with the second event.
During the first session, a visitor is marked as New visitor
. When they visit again, they are marked as Returning visitor
.
Piwik PRO recognizes visitors using three methods:
- Visitor ID: Our JavaScript tracker sets a vistior cookie (
_pk_id.*
) in the visitor’s browser and assigns a unique identifier called aVisitor ID
. The tracker uses that ID to recognize the visitor.The cookie expires after 13 months by default (or after 30 minutes for anonymous visitors). Also, a visitor can clear cookies at any time. If that happens, the tracker will set a cookie again with a new
Visitor ID
. - Session ID: Our backend tracker creates a hash for each session based on the visitor’s IP address, operating system, browser name, browser version, browser language and enabled browser plugins. During tracking, a temporary link between
Session ID
andVisitor ID
is created. The tracker uses that link to recognize events belonging to the same session.The link between
Session ID
andVisitor ID
expires 30 minutes after the last event. Since we don’t store theSession ID
anywhere else, it’s impossible to determine returning visitors relying solely on its value.The hash itself is not available in any report, but the data used for creating it is visible in raw requests in the tracker debugger for 6 hours. After that time, it’s stored in raw log format for 30 days, but it’s not available in the application interface (We store it only for security reasons: (1) to protect us against malicious actions and bots, (2) to troubleshoot any tracking issues, (3) to recover data in case of data losses.). After that time, it’s permanently deleted.
The tracker uses
Session ID
as a primary mechanism to recognize sessions or as a fallback mechanism when it can’t create cookies and useVisitor ID
.Note: If you turn off Use a session ID (Administration > Sites & Apps > Privacy > Ask visitors for consent (off) > Use a session ID (off)), the tracker will only use
Visitor ID
from the cookie to recognize visitors. - User ID: This is an additional method that the JavaScript tracker can use only after you’ve set up a user ID. The
User ID
is any unique identifier that you can pass from your site or app to the tracker. It can be the same user ID as in your CMS, CRM or sales system.The
User ID
has the highest rank among mentioned identifiers. If available, the tracker uses it instead of other methods.