Email tracking settings

Tracking is customizable at tenant level. Configure what you track, how long you store, how strict on privacy.

Where to find it

/manager/connect/email/tracking/settings.

The 7 fields

1. trackOpens (default: true)

Pixel tracking on/off. If off, open events not recorded.

2. trackClicks (default: true)

URL rewrite on/off. If off, links go without Bookinda redirect.

3. trackDevices (default: true)

Device / client detection. If off, only main events (open, click), no device info.

4. anonymizeIpAfterDays (default: 30)

• 0: never store IP
• 1-N: anonymize after X days (e.g., delete last octet)

GDPR-recommended: max 30-90 days.

5. respectDoNotTrack (default: true)

If customer browser sends DNT header, Bookinda doesn't track. Ethics + GDPR.

6. retentionDays (default: 90)

How long raw events are stored. Daily cron deletes after.

7. aggregateAfterDays (default: 30)

Detailed events convert to aggregates (daily summary) after X days. Aggregate stores less data, just stats.

Daily cron

Every day 02:00 (Budapest tz):

1. Aggregate: 30+ day events → daily summary
2. Anonymize IP: 30+ day IPs anonymized
3. Delete: 90+ day events deleted

Raw data reduces, long-term pattern stays.

Manual operations

Bulk delete

DELETE /events?before={date} API endpoint. E.g., all events before 2026-01-01 deleted.

Per-customer data deletion

For GDPR right-to-be-forgotten:

• Customer profile → Privacy → "Delete tracking data"
• Only tracking events deleted, customer record stays

Engagement-score reset

If suspiciously high / low score:

• Customer profile → Engagement → "Reset to 50"

Tracked links retention

Tracked links live 90 days (default), then auto-deleted. Older campaign links expire (new campaigns generate new links).

Channel selection

Tracking toggleable at channel level:

• Marketing campaign emails: tracked
• Transactional (booking confirmation, reminder): tracked
• System emails (password reset): NOT tracked (privacy)

Channel selection at campaign send time or automation config.

When to use it

Scenario 1, GDPR tightening New legal advice: IP storage max 7 days. anonymizeIpAfterDays = 7. Retention 30 days.

Scenario 2, performance tuning Too much event data, slow dashboard. retentionDays = 60, aggregateAfterDays = 14. Old data aggregates.

Scenario 3, customer request Customer asks for tracking data deletion. Customer profile → Privacy → Delete. Deleted within 24h.

Scenario 4, tracking off Salon owner privacy-sensitive. trackOpens = false. Only click tracking stays.

Scenario 5, dev/test Test-tenant trackOpens + trackClicks = false. No tracking noise.

Tips

• Default settings are 95% OK, modify only for special needs.
• 30-day IP anonymization is GDPR-friendly default, don't leave 0 (forever storage).
• 90-day retention is sweet spot: enough data for best-send-time, not too much.
• respectDoNotTrack should always be true, don't flip false (ethics + GDPR).
• After aggregate-after-days, individual events lost, only daily summary remains.
• Bulk delete is cautious, sure you won't need the data again?

Related articles

• Overview
• GDPR and privacy