Description
Zero PII. No cookies. No consent banner required.
Harvv Analytics ships a lightweight (under 10 KB gzipped) behavioral tracker that captures how visitors interact with your pages — dead clicks, rage clicks, scroll depth, hover intent, JavaScript errors, engagement time — and syncs WooCommerce orders to your Harvv dashboard. It never reads cookies, never transmits names, emails, phone numbers, or addresses, and never stores personal data in your WordPress database.
Because the plugin transmits no personal data, it does not require a cookie-consent banner under GDPR, CCPA, or PECR. Your visitors see no pop-ups; your checkout flows are not slowed; your compliance posture is simpler.
What this plugin does
- Enqueues a vanilla-JS tracker (no jQuery, no external scripts) on your frontend.
- Captures behavioral signals: scroll depth, click targets, dead/rage clicks, hover intent, page errors, engagement time.
- Syncs WooCommerce orders on
woocommerce_payment_complete(never blocks checkout). - Passes customer identity as a non-reversible hash derived from the site’s own salts — the raw email never leaves WordPress.
- Works with WooCommerce HPOS (Custom Order Tables) out of the box.
- Multisite-aware: one network API key, per-subsite Site IDs, per-subsite admin overrides.
What this plugin does NOT do
- Does not set or read cookies.
- Does not transmit email addresses, names, phone numbers, postal addresses, or IP addresses.
- Does not load any JavaScript from external URLs — the tracker ships bundled with the plugin.
- Does not create custom database tables on your WordPress site.
- Does not record session replays or keystrokes.
Why you might want this
If you run a WooCommerce store and want to see the dead clicks, rage clicks, and broken checkout paths your visitors hit — without making them click through a GDPR banner — Harvv is designed for you. The behavioral signals are sent to your Harvv dashboard where they become a prioritized list of UX fixes with plain-English explanations.
External Services
This plugin relies on the Harvv analytics service (operated by Olivas Venture Capital LLC d/b/a Harvv) to store and analyze behavioral events. Data is transmitted to the following endpoint:
- Endpoint:
https://api.harvv.com/v1/track - When: Events are sent continuously while a visitor is on your site (batched every 5 seconds or on tab close, via
navigator.sendBeaconwhen available). WooCommerce order events are sent once, onwoocommerce_payment_complete. - What is sent (behavioral events): Session ID (random, in-memory, regenerated per browser tab — never a stable cookie), visitor ID (sessionStorage-scoped, cleared when the tab closes), event type, page path (no query string with sensitive params), referrer, viewport dimensions, CSS selectors of clicked/hovered elements (tag + id + first class name only, no text content), JavaScript error messages, engagement timestamps.
- What is sent (WooCommerce events): Order ID, order status, order total, line-item product IDs and quantities, coupon codes, payment method name, shipping method name, non-reversible customer hash (derived via
wp_hash()using your WordPress salts). - What is NOT sent: Names, email addresses, phone numbers, postal addresses, IP addresses, raw user IDs, cookies, session replays, keystroke data, form values.
- Registration endpoint:
https://api.harvv.com/v1/sites/register— called once per site (or subsite on Multisite) to obtain a Site ID. Transmits only the site URL, site name, WordPress version, PHP version, and plugin version. - Connect flow:
https://harvv.com/connect/wordpress— opened in a new browser tab when an admin clicks “Connect to Harvv” in the plugin settings. Harvv’s hosted signup page handles authentication; it then POSTs the API key back to your site’s own REST endpoint (/wp-json/harvv/v1/connect) with a nonce you generated locally. - Harvv terms of service: https://harvv.com/terms
- Harvv privacy policy: https://harvv.com/privacy
By activating this plugin and supplying an API key, you consent to the transmission of the data described above to Harvv. You can disconnect at any time from the plugin’s settings page; uninstalling removes all plugin options from your database.
Installation
- Install and activate the plugin through the WordPress Plugins screen, or upload the plugin folder to
/wp-content/plugins/harvv-analytics/. - Navigate to Settings Harvv Analytics.
- Click Connect to Harvv — this opens harvv.com in a new tab for signup. Once you complete signup, the tab will notify this plugin and your API key will be saved automatically.
- Alternatively, expand I already have an API key and paste your key manually.
- On WooCommerce sites, no further action is needed — order events start flowing on the next completed payment.
For multisite networks: go to Network Admin Settings Harvv Analytics and set one network-wide API key. Each subsite will auto-register with Harvv on its next pageload and receive its own Site ID.
FAQ
-
No. The plugin sets no cookies and transmits no personal data. Under GDPR, CCPA, and PECR, cookie-consent banners are required only when a site sets non-essential cookies or transmits personal data to third parties. Harvv transmits only behavioral signals (dead clicks, scroll depth, etc.) and a non-reversible customer hash — these are not personal data under any major privacy regime.
If your legal counsel interprets the regulations more conservatively than we do, you can still add Harvv to your privacy policy’s third-party services section. The plugin provides suggested language at Settings Privacy Policy Guide.
-
Does this plugin work without WooCommerce?
-
Yes. The WooCommerce integration loads conditionally — on a non-Woo WordPress site, the plugin runs as a pure behavioral pixel.
-
Does this plugin slow down my checkout?
-
No. All outbound HTTP calls use
wp_remote_post()with'blocking' => false, and the browser tracker usesnavigator.sendBeacon()orfetchwithkeepalive: true. Nothing in the plugin waits on a response from Harvv. -
Is this plugin HPOS (Custom Order Tables) compatible?
-
Yes. The plugin declares compatibility with
custom_order_tablesand uses only the WC_Order CRUD API — never direct$wpdbaccess against order tables. -
What happens if my site loses internet connectivity?
-
The browser tracker queues events locally and attempts to flush on each interval; unsent events are discarded silently when the browser tab closes. WooCommerce order events are fire-and-forget — if your site cannot reach
api.harvv.comat the moment ofpayment_complete, the event is lost. We do not queue order events for retry on-site because doing so would require creating a custom database table, which this plugin intentionally does not do. -
How do I uninstall?
-
Delete the plugin from the Plugins screen. All plugin options (
harvv_api_key,harvv_site_id, and related) are removed viauninstall.php. The plugin never creates custom database tables on your site, so nothing is left behind. -
I use caching plugins — does this conflict?
-
No. The tracker is enqueued in the footer and is cache-friendly (same output for every visitor). The Connect-flow REST endpoint is under
/wp-json/harvv/v1/*and is gated by a one-shot nonce, so caching that endpoint is harmless.
Reviews
There are no reviews for this plugin.
Contributors & Developers
“Harvv Analytics” is open source software. The following people have contributed to this plugin.
Contributors
Translate “Harvv Analytics” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
1.0.0
- Initial release.
- Behavioral tracker (dead clicks, rage clicks, scroll depth, hover intent, JS errors, engagement).
- WooCommerce
payment_completeorder sync. - HPOS (Custom Order Tables) compatibility declared.
- Connect-to-Harvv flow with one-shot nonce + HMAC-signed callback.
- Manual API-key entry as alternative path.
- Multisite support with per-subsite override.
- WordPress Privacy API integration (suggested policy text + empty exporter).