Trust & Security

Last updated: March 29, 2026

Harvv is built on a simple principle: we should be able to tell you exactly what's broken on your site without knowing anything about your users.

Our Pixel is 6KB Gzipped. Read Every Line.

Our entire tracking pixel is under 3,500 bytes. That's smaller than the paragraph you just read. You can view the full unminified source code right now — it takes about 5 minutes to read.

For comparison: Google Analytics is 47KB. Hotjar is 470KB. FullStory is 59KB. You cannot meaningfully audit those scripts. You can audit ours over coffee.

What We Collect

Signal	What we capture	What we DON'T capture
Clicks	Element tag, class, first 20 chars of visible text	Not the text in input fields. Not form values.
Scroll	How far they scrolled (25/50/75/100%)	Not what content was on screen
Text Selection	Which element, how many characters	Not the selected text itself
Keyboard	Tab and Escape keys only	No letters, numbers, passwords, or any typed content
Identity	Random 8-character hex ID (cookie)	No name, email, IP address, or device fingerprint
Performance	TTFB, LCP, CLS (standard web vitals)	No network request URLs or payloads

What We Cannot Do

We cannot read form inputs. If a user types their credit card number, we see "input[text]#card-number" — the element identifier, never the value.
We cannot see page content. We don't capture DOM snapshots, screenshots, or session recordings.
We cannot track users across sites. Our cookies are first-party, scoped to your domain only.
We cannot identify individual users. Our visitor ID is a random hex string with no connection to real identity.

Architecture

Pixel: 3,363 bytes gzipped. Vanilla JavaScript. No dependencies. Loads asynchronously — zero performance impact.
Data transfer: Events batched and sent via navigator.sendBeacon every 10 seconds. JSON payload with short keys (v, s, e, t, d).
Storage: PostgreSQL on Railway (US region). Data retained per your plan terms.
AI Analysis: Anthropic Claude API for issue diagnosis. Your behavioral data is sent to Anthropic for analysis — Anthropic's privacy policy prohibits training on API inputs.
Email: Resend for transactional email. Resend's privacy policy.
Payments: Stripe for billing. We never see or store credit card numbers.

Subprocessors

Service	Purpose	Data Shared
Railway	Hosting & database	All event data (stored)
Anthropic	AI analysis	Aggregated behavioral patterns (no PII)
Resend	Transactional email	Recipient email addresses only
Stripe	Payment processing	Billing info (handled by Stripe)
Apollo.io	User enrichment (optional)	Signup email for company lookup

Compliance

GDPR: We collect no personal data as defined by GDPR. Random hex IDs are not personally identifiable without additional information we don't have.
CCPA: We do not sell personal information. We do not share data with third parties for their own purposes.
Cookie Consent: Our cookies are first-party functional cookies (session management). Many jurisdictions exempt these from consent requirements. We recommend consulting your legal team for your specific situation.

Verify It Yourself

Read our full pixel source code — every line, commented
Open your browser DevTools → Network tab → filter by "harvv" or "pixel.js" → inspect every request we make
Check the payload: it's JSON with short keys (v=visitor, s=session, e=event type, t=timestamp, d=data). No PII anywhere.

Questions? Email jordan@harvv.com — I'll personally walk you through the code.