Skip to main content

Overview

Before visitors sign up or log in, they’re anonymous. Outlit tracks their behavior and later connects it to their profile when they identify themselves.

The Anonymous Phase

When someone visits your website for the first time:
  1. Visitor ID generated - A UUID stored in localStorage and cookies
  2. Session begins - First-touch attribution captured (UTM, referrer)
  3. Events tracked - Pageviews, form views, button clicks
  4. Stored as AnonymousVisitor - Ready to be linked later

What’s Captured

Automatic Attribution

On first visit, Outlit captures:
DataSourceExample
UTM SourceURL paramsutm_source=google
UTM MediumURL paramsutm_medium=cpc
UTM CampaignURL paramsutm_campaign=spring_2024
First ReferrerHTTP headerhttps://google.com
First Landing PageURL/pricing?plan=pro
IP AddressRequestFor company enrichment

Events Stored

All events are stored for anonymous visitors and will be linked when they identify: 
// All these are tracked for anonymous visitors
outlit.track('pricing_viewed', { plan: 'enterprise' })
outlit.track('demo_video_played', { duration: 120 })
outlit.track('feature_explored', { feature: 'integrations' })

Form Data

Form submissions are captured with automatic sanitization: 
{
  "type": "form",
  "formId": "contact-form",
  "formFields": {
    "email": "jane@acme.com",
    "name": "Jane",
    "company": "Acme Inc"
  }
}
Sensitive fields (password, credit_card, SSN, etc.) are automatically removed from form data.

Visitor ID Storage

The visitor ID is stored in two places for redundancy:

localStorage

// Key: outlit_visitor_id
// Value: "a1b2c3d4-e5f6-7890-abcd-ef1234567890"
localStorage.getItem('outlit_visitor_id')

outlit_visitor_id=a1b2c3d4-e5f6-7890-abcd-ef1234567890; 
expires=<1 year>; 
path=/; 
SameSite=Lax
The cookie enables cross-subdomain tracking (e.g., www.example.comapp.example.com) and works when localStorage is blocked.

Identity Resolution

When identify() is called, the anonymous history is linked: 
// This triggers identity resolution
outlit.identify({
  email: 'jane@acme.com',
  traits: { name: 'Jane Doe' }
})

What Happens

  1. Find or create contact with the provided email
  2. Link the anonymous visitor to the contact
  3. Historical events are processed:
    • All previous events are added to the customer timeline
    • Original timestamps are preserved
    • The complete journey is now visible

Timeline After Resolution

Jane Doe (jane@acme.com) - Customer Timeline
├── Mar 1, 10:00am - First visited /pricing (anonymous)
├── Mar 1, 10:05am - Viewed enterprise plan (anonymous)
├── Mar 1, 10:10am - Watched demo video (anonymous)
├── Mar 3, 2:00pm  - Returned, viewed /features (anonymous)
├── Mar 3, 2:15pm  - Submitted contact form ← IDENTIFIED
├── Mar 3, 2:20pm  - Viewed /signup
└── Mar 3, 2:25pm  - Created account

Cross-Device Behavior

Anonymous tracking is per-browser. The same person on different devices has different visitor IDs until identified: 
Phone Browser:    visitorId: "phone-abc-123"
Laptop Browser:   visitorId: "laptop-xyz-789"

After identify(email: "jane@acme.com") on both:
→ Both histories merge into Jane's profile

Session Management

New Sessions

A new session starts when:
  • 30+ minutes of inactivity (configurable)
  • Browser closed and reopened
  • New day (midnight UTC)

Session Data

Each session tracks:
  • Session start time
  • Pages viewed in session
  • Session duration
  • Conversion events

Company Enrichment

For B2B scenarios, anonymous visitors can be enriched with company data:
  1. IP Address captured on first visit
  2. Background job looks up company by IP
  3. Company associated with AnonymousVisitor
  4. Appears in dashboard as “Company X visiting”
Company enrichment requires additional configuration. Contact us for setup.

Handling Edge Cases

Cleared Cookies/Storage

If a visitor clears their browser data:
  • New visitorId generated
  • Previous anonymous history orphaned
  • Can only link if they identify again
Consider using identify() immediately after login, even for returning users, to ensure continuity.

Private/Incognito Browsing

  • New visitorId per session
  • localStorage may be cleared on close
  • Cookie may not persist
  • History captured but may not link

Multiple People, Same Browser

If multiple people use the same browser:
  • Same visitorId used
  • Events mixed together
  • Identify separates them (by email)
Best practice: Encourage users to log in for accurate tracking.

Accessing Anonymous Data

Get Current Visitor ID

// Browser SDK
const visitorId = outlit.getVisitorId()

Send to Your Backend

// Send visitor ID for server-side correlation
fetch('/api/track', {
  headers: {
    'X-Outlit-Visitor-ID': outlit.getVisitorId()
  },
  body: JSON.stringify({ action: 'viewed_pricing' })
})

Privacy Considerations

Data Retention

Anonymous visitor data is retained for:
  • Unidentified visitors: 90 days (configurable)
  • Identified visitors: Linked to customer, retained per your policy

GDPR Compliance

  • Anonymous data can be deleted on request
  • Visitor ID is pseudonymous (not directly identifying)
  • IP addresses used only for company lookup
  • No cross-site tracking

Opt-Out

Respect user preferences: 
// Check for opt-out preference
if (!hasTrackingConsent()) {
  // Don't initialize tracker
  return
}

outlit.init({ publicKey: 'pk_xxx' })

Next Steps

Identity Resolution

How profiles are merged across identifiers

Browser Tracking

Detailed browser integration guide