# Privacy

> The privacy stance, and related packages.

## Privacy

WaveformTracker is built for content metrics, not user surveillance:

- **No cookies, no `localStorage`, no PII** are collected or stored.
- The optional `session` id is a fresh random string per `init()`, held in memory only and regenerated on reload — it correlates events within one page session, nothing more. Disable it with `session: false`.
- `page` is `window.location.pathname` only — no query string, no host.
- Seeks are deliberately uncredited, so the numbers reflect content genuinely consumed.

You decide what (if anything) identifying gets attached, via `metadata` — and what your endpoint or `handler` does with it.

## Related

- [WaveformPlayer options](/player/options/) — the player whose events the tracker consumes, including `url`, `title`, and external audio mode.
- [Installation](/getting-started/installation/) — loading the player and add-ons.
