Privacy policy.

Last updated: April 2026

The short version.

Wiley is built to be privacy-first. We don't use cookies. We don't collect personal data. We don't track visitors across sites. We don't sell data. The tracking script does the minimum necessary to coach website owners — nothing more.

What the tracking script collects.

When a visitor loads a page with the Wiley script, we record:

  • The page URL and referrer
  • UTM parameters if present
  • Scroll depth and time on page
  • Outbound link clicks
  • Goal events you've tagged
  • Viewport size (mobile/tablet/desktop)
  • Country (derived from IP address — IP is not stored)
  • A daily anonymous fingerprint (see below)

We do not collect: names, email addresses, IP addresses (beyond country derivation), device identifiers, or any other personally identifiable information.

The anonymous fingerprint.

To distinguish unique visitors without cookies or personal data, Wiley generates a daily fingerprint — a hashed combination of signals like browser type and screen size, salted with the current date. This fingerprint resets every 24 hours and cannot be reversed to identify an individual. It's used only to count unique visitors within a day.

No cookies.

The Wiley tracking script sets no cookies — first-party or third-party. This means no cookie consent banner is required for Wiley's tracking under GDPR, ePrivacy Directive, or CCPA for most use cases. You should still consult your own legal counsel about your specific situation.

Data storage.

All event data is stored in Cloudflare's infrastructure. Data is associated with a site ID, never with a visitor identity. Wiley account holders can delete their site data at any time from the dashboard.

Public crawl data.

Wiley periodically crawls the public pages of sites enrolled in the service. This crawl behaves like any standard web crawler — it only accesses pages that are publicly available and respects robots.txt. No authentication is used and no private data is accessed.

Do Not Track.

The Wiley script respects the Do Not Track browser setting. If a visitor has DNT enabled, no events are recorded for that visitor.

Account data.

When you create a Wiley account, we store your email address, your site domain, and your stated goal. We use your email to send the daily Nudge and transactional emails (password reset, etc.). We don't send marketing email. We don't share your email with third parties.

Third-party services.

Wiley uses the following third-party services:

  • Cloudflare — infrastructure, Workers, and D1 database
  • Resend — transactional email delivery
  • Stripe — payment processing (we never see or store card details)
  • Anthropic (Claude) — AI-powered nudge generation (anonymized site data only)

Contact.

Questions about privacy? wiley@fromwiley.com