CookieRay
Privacy & Data Handling
This page explains CookieRay’s data stance, how visitor identifiers are handled, which database tables it creates, and what happens when you delete the plugin.
Data stance
CookieRay does not send usage data, telemetry, or visitor payloads to any CookieRay-operated server. Your consent logs and cookie inventory stay in your site’s database unless you choose to export them.
Note that any third-party trackers you add to your own site still collect data according to their own policies — even when CookieRay delays them or respects category choices. CookieRay governs how those trackers are loaded; it does not change what they do once allowed.
How IP addresses are handled
CookieRay does not store raw IP addresses. Instead it derives a compact fingerprint from combined request signals (IP plus user-agent material). This lets consent records be distinguished without retaining the raw IP.
How user agents are handled
The user-agent string is never stored raw. CookieRay stores a short hash suffix — a 16-character prefix of a SHA-256 hash — used as part of the fingerprint above.
Country hints
Country information, when available, comes from one of two local sources:
- HTTP headers supplied by your CDN or reverse proxy, or
- An optional server-local PHP GeoIP lookup, if you enable it.
CookieRay does not call an external geolocation API for this.
Automatic purging
A WP-Cron job deletes consent records older than your configured retention period, keeping the consent log within the bounds you set in Settings.
Database tables
CookieRay creates the following tables (shown with your site’s table prefix):
| Table | Contents |
|---|---|
{prefix}cookieray_cookies | Cookie inventory. |
{prefix}cookieray_consent_logs | Consent audit records. |
{prefix}cookieray_scans | Scan summaries. |
{prefix}cookieray_third_party_scripts | Deep script discovery results. |
Uninstall behavior
Deleting the plugin via Plugins ▸ Delete runs uninstall.php, which:
- Drops the four
cookieray_*tables listed above. - Removes the option keys (
cookieray_settings,cookieray_banner_settings,cookieray_db_version). - Removes the scheduled purge hooks.
Because this permanently removes your consent logs and inventory, take a database backup before deleting the plugin if you need to retain that history.
CookieRay is not legal advice. Compliance depends on your configuration and the rest of your site.