Privacy and consent
TrueClara separates aggregate route health from analytics consent and keeps write keys out of the browser.
TrueClara is designed around aggregate behavior signals. The browser SDK uses a public key and the CI/API surfaces use a separate write key.
Key boundaries
| Key | Safe location | Never use for |
|---|---|---|
| NEXT_PUBLIC_TRUECLARA_KEY | Browser code and public environment variables | Graph uploads or deploy uploads. |
| TRUECLARA_PROJECT_KEY | CI secrets and server-side code | Browser bundles. |
If a write key appears in browser code, rotate it from project settings.
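A CI check for this key boundary, as an added example that is not TrueClara's own tooling. It assumes the job can read the write key value from `TRUECLARA_PROJECT_KEY` and that the client bundle directory is passed in (for a Next.js build, `.next/static`); the function name and exit codes are this example's own.

```shell
#!/bin/sh
# Added example (not TrueClara code): fail the build if the write key
# reached browser-delivered assets.
# Exit codes (this example's convention): 0 clean, 1 leak, 2 cannot check.
# Usage in CI after the build:
#   scan_bundle_for_write_key .next/static || exit 1

scan_bundle_for_write_key() {
    bundle_dir=$1
    write_key=${TRUECLARA_PROJECT_KEY:-}

    if [ ! -d "$bundle_dir" ]; then
        echo "scan: bundle directory not found: $bundle_dir" >&2
        return 2
    fi
    if [ -z "$write_key" ]; then
        echo "scan: TRUECLARA_PROJECT_KEY is not set, nothing to compare" >&2
        return 2
    fi

    # Misconfiguration: the public variable was given the write key value,
    # so the framework would inline it into the bundle.
    if [ "${NEXT_PUBLIC_TRUECLARA_KEY:-}" = "$write_key" ]; then
        echo "scan: NEXT_PUBLIC_TRUECLARA_KEY holds the write key value" >&2
        return 1
    fi

    # -F matches the key literally, -r walks chunks and source maps,
    # -l prints file names only so the key never lands in CI logs.
    leaked=$(grep -rlF -- "$write_key" "$bundle_dir" 2>/dev/null || true)
    if [ -n "$leaked" ]; then
        echo "scan: write key found in browser assets, rotate it:" >&2
        printf '%s\n' "$leaked" >&2
        return 1
    fi
    return 0
}
```

A result of 1 means the key has already been built into shippable assets, so rotation from project settings is still required even after the offending code is removed.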
Consent states
| State | Runtime behavior | Use case |
|---|---|---|
| none | Sends no browser events. | Before analytics consent or when users opt out. |
| aggregate | Sends cookieless route and edge counters when configured by the project. | Aggregate behavior health. |
| analytics | Allows session-scoped evidence for deeper investigation. | Post-consent diagnostics. |
Your app owns the consent decision. TrueClara does not render a cookie banner.
Integrating with a banner
Call the SDK after your consent manager grants or revokes analytics permission.
```tsx
import { useEffect } from "react";
import { useTrueClara } from "@trueclara/next";

// Forwards the consent manager's decision to the SDK whenever it changes.
export function ConsentBridge({ analyticsAllowed }: { analyticsAllowed: boolean }) {
  const trueclara = useTrueClara();

  useEffect(() => {
    trueclara.setConsent({ analytics: analyticsAllowed });
  }, [analyticsAllowed, trueclara]);

  return null;
}
```

Data handling
- The public SDK sends route and transition events for the configured project.
- Write keys stay in CI or server-side code.
- Raw paths have shorter retention than aggregate route metrics.
- Session-scoped evidence is only useful when analytics consent and project settings permit it.
Operational guidance
Document which consent manager controls analytics permission, which environments send events, and who can rotate project keys. This makes support and incident review faster.

