Skip to main content

How does Adora treat my data?

Privacy is a core value at Adora. We provide robust controls to ensure you capture only what you need and nothing more. Our privacy controls give you full authority over the data being sent:
  • Adora operates only on pages where the snippet is explicitly installed.
  • All input elements are masked by default.
  • You can configure additional elements to mask or block using adora-mask or adora-block.
For guidance on managing your privacy settings, refer to Privacy Controls.

Does Adora use cookies?

By default Adora doesn’t use any cookies. However, we do support tracking across subdomains, which requires the use of a first party cookie. This is setup on a case-by-case basis when requested by customers. If you want to link sessions between different subdomains (e.g. www.adora.so and app.adora.so) please reach out to us via slack.

How is user data sent and stored?

Session data captured in the end user’s browser is transmitted securely via HTTPS and stored with encryption at rest. Adora does not capture images or screenshots directly from the client browser. Instead, only a stream of events—representing HTML and CSS changes—is recorded. These events adhere to the configured Privacy Controls to prevent the transmission of unwanted data. For additional details, visit our Trust Center.

Deleting user data

You can delete session data for a specific user via our self-service API. To get started, find your delete token in Settings > General. Then, make the following request: 
curl --location 'https://api.adora.so/sessions/delete' \
  --header 'Content-Type: application/json' \
  --data '{
    "token": "<YOUR_DELETE_TOKEN>",
    "uid": "<uid-sent-in-adora-start>"
  }'
The uid is the same one you passed to adoraStart when initializing Adora on your site.