Documentation · Privacy, Security and Compliance

Analytics Retention

This document explains how the ADP Car Market Hub plugin collects, retains and deletes analytics data, and which controls site operators have to enforce data minimization and consent.

This document is not legal advice. Site operators should review their analytics configuration and any related consent requirements with their own legal advisor.

When to use this document

Use this document when you need to:

Decide whether to enable the plugin's built-in analytics.
Configure the retention window for analytics events.
Enforce a consent requirement before tracking is recorded.
Document the analytics behavior in the site's privacy notice.
Purge analytics data on demand.

Overview

When enabled, the plugin records a small set of events into a custom database table ({prefix}as24ci_analytics). Each row stores:

A vehicle post ID (or 0 for site-level events such as filter searches).
An event type.
An optional minimized extra-data payload (JSON-encoded).
A creation timestamp.

The table does not store IP addresses, user identifiers or cookies on the server side. Tracking is off by default and is only activated when the operator enables it in the plugin settings.

Setup Wizard interaction

The optional First Setup Wizard exposes the analytics master switch on its Features step:

Demo setup pre-checks the analytics toggle so that the Dashboard and Analytics pages have data to display from the demo dataset. Demo setup is intended for evaluation, sales demos and staging environments.
Live AutoScout24 setup leaves the analytics toggle unchecked. The admin must enable it explicitly. Operators should only enable analytics on a live site after reviewing privacy and cookie consent requirements for the dealership's jurisdiction. The wizard is not a replacement for a cookie consent tool, a CMP, a privacy policy or a legal review.

The wizard does not change any other tracking-related setting on its own. Existing analytics options are preserved unless the admin explicitly submits a different value on the Features step.

Tracked event types

Event	When it fires
`view`	A vehicle detail page is viewed.
`view_archive`	The vehicle archive page is viewed.
`view_compare`	The compare page is viewed.
`view_favorites`	The favorites page is viewed.
`filter_search`	The visitor performs a filter search.
`contact_open`	The contact / inquiry form is opened.
`lead_sent`	A lead is successfully submitted.

Page-view events (view, view_archive, view_compare, view_favorites) are recorded whenever analytics is enabled. The remaining events (filter_search, contact_open, lead_sent) only fire when the extended business-intelligence (BI) tracking is also enabled.

Requirements

WordPress with WP-Cron functioning normally (or an equivalent system cron). The retention cleanup runs as a scheduled WP-Cron event.
An administrator with the plugin's management capability to change analytics settings and to trigger an immediate purge.

Configuration reference

The following options are exposed in the plugin's analytics settings:

Setting	Default	Behavior
Analytics enabled	Off	Master switch for all analytics tracking.
BI tracking enabled	On (when analytics is enabled)	Enables the non page-view events: `filter_search`, `contact_open`, `lead_sent`.
Require consent	Off	When on, every tracking call is blocked unless an external consent signal is granted via the `as24ci_analytics_consent_check` filter.
Filter data minimization	On	Strips free-text search values (`s`, `search`, `q`) from the stored filter-search payload before insert. The list of stripped keys can be extended via the `as24ci_analytics_filter_blocked_keys` filter.
Privacy jurisdiction	Auto	Selects the privacy-law label shown in the plugin's privacy notice. Allowed values: `auto`, `gdpr`, `dsgvo`, `revdsg`, `uk_gdpr`, `generic`.
Analytics retention (days)	180	Number of days to keep analytics events. The effective minimum is 7 days; lower values are clamped.

Retention and cleanup

A daily WP-Cron event named as24ci_daily_cleanup deletes analytics rows older than the configured retention window. The cleanup logic:

Reads the Analytics retention (days) setting (default 180).
Clamps the value to a minimum of 7 days.
Deletes all rows from the analytics table where created_at is older than the cutoff.

Because the cleanup runs on WP-Cron, deletion happens shortly after the cutoff date, not exactly at midnight. Sites that disable WP-Cron should ensure that the equivalent system cron triggers WordPress regularly.

Data minimization

Two minimization mechanisms are built into the analytics pipeline:

No personal identifiers in storage. The analytics table does not contain IP addresses, user IDs or cookies. Only an event type, a post ID, an optional minimized payload and a timestamp are stored.
Filter payload minimization. When Filter data minimization is enabled (the default), free-text search keys (s, search, q) are removed from the filter-search payload before it is written to the database. Site operators can extend the blocklist using the as24ci_analytics_filter_blocked_keys filter.

The plugin does not implement a consent banner of its own. When **Require consent** is enabled, every tracking call is gated by the as24ci_analytics_consent_check filter. A consent management plugin (or custom integration) is expected to attach to that filter and return:

true when the visitor has granted analytics consent.
false to block the event.

When Require consent is disabled (the default), analytics events are written whenever analytics is enabled. In that mode the site operator is responsible for ensuring that any applicable legal basis for processing is in place before turning analytics on.

Step by step: enable analytics safely

Confirm with your legal advisor that analytics tracking is permitted on the site, and under which conditions (for example with prior consent).
In the plugin's analytics settings, enable Analytics enabled.
Decide whether to enable BI tracking. Disable it if you only want page-view counts.
If a consent management solution is in place, enable Require consent and connect it through the as24ci_analytics_consent_check filter.
Keep Filter data minimization enabled unless you have a specific reason to store search text.
Set the Analytics retention (days) to the value approved by your privacy review (minimum 7).
Update the site's privacy notice to describe the data collected, the retention period and the legal basis.

Step by step: purge all analytics data

A one-click purge action is available for administrators with the plugin's management capability:

Open the analytics admin tab.
Trigger the Purge all analytics data action.
The plugin truncates the {prefix}as24ci_analytics table immediately.

The purge action works regardless of whether analytics is currently enabled, so previously collected data can always be removed on demand.

Operational notes

Analytics tracking is off by default. The table may be empty until the feature is enabled.
The retention setting only applies to the analytics table managed by this plugin. Other analytics tools (for example a separate web analytics product) are unaffected.
On uninstall, the analytics table is dropped unconditionally so that visitor tracking data does not persist after the plugin is removed. See Data Storage Overview.
The privacy jurisdiction setting is informational. It controls the label shown in the plugin's privacy notice; it does not change which data is collected.

Troubleshooting

Analytics rows are accumulating beyond the retention window — verify that WP-Cron is running on the site and that the as24ci_daily_cleanup event is scheduled.
No events are being recorded — confirm that Analytics enabled is on and, when applicable, that the as24ci_analytics_consent_check filter returns true for the events you expect.
filter_search, contact_open or lead_sent events are missing — these only fire when BI tracking enabled is on in addition to analytics being enabled.
Filter searches are stored without their search text — this is the expected behavior of the data minimization filter. Adjust the as24ci_analytics_filter_blocked_keys filter if you need different keys, after a privacy review.