What data does Kameleoon retrieve and how?

Advanced Experiment Personalization Technical

Here is the list and description of the data collected by Kameleoon. These data differ according to the type of campaign and the configuration of your website.

Local storage

Kameleoon saves the collected data in the Local storage.

Visitor data is always encoded.

You can find the updated list of variables in our developer documentation

Common data (A/B + Personalization)

  • kameleoonData: Contains a lot of data about the visitor and his visits (mostly browsing related data). This data is encoded on the Local Storage via a simple encoding scheme. You can see the full list of data present on this key here. Lifespan of 380 days. Find out more about the collected data
  • kameleoonLegalConsent: Legal consent (usually RGPD or similar regulation) obtained for the use of Kameleoon. The value can be for instance {“AB_TESTING”: true, “PERSONALIZATION”: false} or {“PERSONALIZATION”: true}. Lifespan of 380 days.
  • kameleoonOpenTabs: Contains ids of opened tabs on the same website. Lifespan of 380 days.
  • kameleoonSimulation: Data needed for simulation purposes. Lifespan of 1 hour.
  • kameleoonSimulationShortURL: Short URL of the simulation. Lifespan of 1 hour.
  • kameleoonSimulationVisitorData: Contains all the (virtual) data about the visitor and his visits for simulation. Lifespan of 1 hour.

Experiments data

  • kameleoonVariation-${variationId}: Saves variation for preview or simulation. Stored for the duration of the session.
  • kameleoonExperiment-${experimentId}: Saves the experiment variation allocation, the ID of the variation (either “Reference” or the variation ID or “none” if a traffic exclusion has been configured) and the date on which the variation was assigned. Stored for 30 days.

Personalizations data

  • kameleoonPersonalization-${personalizationId}: Saves the personalization variation allocation. Lifespan of 30 days.
  • kameleoonGlobalPersonalizationExposition: Represents the visitor’s global exposition status for all personalizations. If the value is “false”, this visitor won’t be exposed to any personalization (and if it is set to “true”, he will be if he triggers the required targeting conditions). By default, 10% of the global traffic is excluded from any personalization. This value is configurable on Kameleoon’s back-office. Lifespan of 380 days.

Session storage

All these data are kept only for the duration of the session.

Common data (A/B + Personalization)

  • kameleoonDisabledForVisit: Disables the loading of Kameleoon for the current visit. This depends on whether or not you have activated this option in your website settings in the Kameleoon back-office. By default it will never be used.
  • kameleoonAnalyticsTrackingTimes: Used to optimize (reduce) the number of 3rd party analytics tracking calls made by Kameleoon when using a web analytics integration.
  • kameleoonFullApplicationCode: Contains Kameleoon entire codebase, which is needed for simulation purposes (as the production version of the application file is optimized for size and does not contain all the code).


  • kameleoonVisitorCode: Contains the visitor code (unique identifier randomly assigned to a visitor). This cookie is automatically replicated by Kameleoon in Local storage (inside the key kameleoonData), so if it is deleted Kameleoon will recreate it automatically from the data contained in kameleoonData. Stored during 380 days.
  • One additional cookie may be set by the default Kameleoon CDN (Content Delivery Network) when delivering the application file, if you don’t self host this file. Note that Kameleoon does not use this cookie at all. Deleting it has no impact on Kameleoon operations.
    __cfduid: This cookie is set by the default Kameleoon CDN. Stored during 30 days.

Encoded data

Visitor data is always encoded.

In the case of KameleoonData (contains all the data about the visitor and his visits; stored for 380 days), the following data is encoded:

  • custom data;
  • device type (mobile, tablet or desktop);
  • operating system;
  • name and version of the browser;
  • screen size;
  • window size;
  • time zone of the browser;
  • language of the browser;
  • original referrer (acquisition channel);
  • number of pages viewed;
  • title and URL of pages visited;
  • time spent on the website;
  • time of the beginning and end of the visit;
  • number of opened tabs;
  • adblocker activated;
  • list of conversions (clicks, transactions, etc);
  • list of personalizations and A/B experiments seen by the visitor;
  • current weather conditions (if the corresponding targeting condition is activated): temperature, wind, rain…;
  • time of sunset (present if a weather targeting condition has been activated, as it is required for some weather targeting criteria);
  • weather forecast (if the corresponding targeting condition is activated): temperature, wind, rain…;
  • geolocation (if the corresponding targeting condition is activated or if a weather targeting condition has been activated, as it requires geolocation data);
  • IP (if the corresponding targeting condition is activated);
  • external segmentation data (obtained from a third party DMP or CRM);
  • internal search history (if activated);
  • products seen (if activated).

Most of this data is also sent to our servers for reporting purposes (to filter / break down the data afterwards). However, for previous visits, only the number of the visit is sent to our servers.

How long does Kameleoon keep the data stored on its server?

The data stored on our servers is kept for 2 years.

How does Kameleoon handle visitor consent?

GDPR compliance

Kameleoon is GDPR compliant and has legal consent policies already in place. We do not stock any user data unless legal consent is obtained. Our solution does not use cookies, it works using local storage only after consent is obtained. The only data collected is anonymized browsing data which doesn’t allow a visitor to be identified.

However, you are able to inject existing personal data from your technology ecosystem (such as CRM or DMP solutions) into Kameleoon, to improve analysis and results. In this case, you have total control over the information you use and should only select authorized data. Kameleoon processes this personal data in a totally GDPR-compliant way and follows your written instructions and data processing procedures.

Opt-out management

With Kameleoon, you can set up an opt-out mechanism if you wish to do so. Find out more about Opt-out management

Apple ITP

Kameleoon automatically and transparently handles all Apple ITP versions. This means that ITP will not impact on the results of your campaigns. Find out more about how Kameleoon handles Apple ITP