- The visual Anonymization Builder in the dashboard (recommended)
- Manual configuration directly in the script tag
Opening the Anonymization Builder
The fastest way to configure anonymization is through the dashboard:Open Organization Settings
Navigate to Settings → Organization. You’ll see a list of all linked website URLs for your organization.
Open Snippet
Hover over the desired website and click Snippet. This opens the installation guide with your current script tag.
1. Anonymizing URL Paths
If your website uses URLs likehttps://example.com/profile/12345/orders, then 12345 is a personally identifiable user ID. URL anonymization masks these dynamic segments locally in the browser before the pageview is sent to bchic.
The URL Anonymization Builder
The visual builder makes creating anonymization rules as easy as possible:Auto-Detect Patterns from Your URLs
You can paste multiple URLs from your website into the text field at the top. Click Detect Patterns — the builder automatically finds the segments that differ between URLs and suggests matching anonymization templates.Example: Paste these URLs:The builder detects that the third segment (
123, 456, 789) varies and automatically suggests /{path}/users/{userId}/* as a template.Creating Templates Manually
You can also build templates directly in the Path Template editor:- Each path segment is displayed as its own building block
- Click the curly braces
{}to turn a segment into a placeholder — this part will be masked in the tracked URL - Edit placeholder names directly inline (e.g.
{userId},{orderId},{token})
Sub-Paths After the Template
Under Sub-Paths After The Template, choose how to handle the rest of the URL after your pattern:Exact Match
The path length must match the template exactly. Longer URLs won’t be matched.
Keep Rest /*
All sub-paths after the match are retained.
/u/{id}/* turns /u/123/settings → /u/id/settingsDrop Rest /*!
Everything after the template is truncated.
/u/{id}/*! turns /u/123/settings → /u/idLive Preview
Below the template you’ll see a live preview (“What Gets Sent”) that shows you how a sample URL would look after anonymization. This lets you validate your rules before activating them.Example: With the template
/{path}/seg/{segment}/*!, the URL /a1b2c3d4e5/seg/xyz_tok789/details/42 becomes /path/seg/segment.Auto-Detect Mode
If you don’t want to create custom templates, simply enable Auto-detect mode in the builder. It automatically scans for common ID formats and replaces them with/uuid.
What gets automatically detected?
| Pattern | Example | Result |
|---|---|---|
| UUIDs | /orders/550e8400-e29b-41d4... | /orders/uuid |
| Hex hashes (24+ characters) | /commit/a1b2c3d4e5f6a1b2c3d4e5f6 | /commit/uuid |
| Numeric IDs (18+ digits) | /invoice/123456789012345678 | /invoice/uuid |
| Alphanumeric tokens (20+ characters) | /session/xK9mP2nQ8rT5vW7yZ1... | /session/uuid |
2. Excluding Query Parameters
Often, personal data isn’t in the path but in URL parameters after the? (e.g. ?token=abc123 or ?session=xyz). In the Exclude Query Parameters section, you can selectively remove or empty these parameters.
Configuration in the Dashboard
In the Privacy & Anonymization section, below URL anonymization, you’ll find the Exclude Query Parameters area. Enter your rules separated by commas.Two Actions
Remove Parameter Completely (Delete)
Format:
/path:parameterThe parameter is fully removed from the URL.- Rule:
/{path}:token - Original:
/abc123?token=secret&other=value - Sent:
/abc123?other=value
Empty the Value (Keep Key)
Format:
/path:parameter= (note the = at the end)The key is retained but the value is emptied. Useful when you want to track that a search happened, but not what was searched.- Rule:
/{path}:token= - Original:
/abc123?token=secret&other=value - Sent:
/abc123?token=&other=value
Path Templates with Wildcards
Path templates in parameter rules support the same placeholders and wildcards as URL anonymization:| Rule | Effect |
|---|---|
/{path}:token | Removes token on all pages with a dynamic first segment |
/path/*:token= | Empties token on all sub-pages of /path/ |
/auth/signup:token | Removes token only on exactly /auth/signup |
Live Preview
Query parameter rules also show a live preview under “What Gets Sent” so you can see how URLs will look after processing:| Original | Rule | Sent |
|---|---|---|
/abc123?token=secret&other=value | /{path}:token | /abc123?other=value |
/abc123?token=secret&other=value | /{path}:token= | /abc123?token=&other=value |
/path/detail?token=secret&other=value | /path/*:token= | /path/detail?token=&other=value |
3. Manual Configuration in the Script Tag
All settings from the dashboard are automatically reflected in the script tag. You can also set the attributes manually if you prefer.data-anonymize-url
data-exclude-params
Combined Example
A complete script tag with URL anonymization, parameter exclusions, and additional features:Syntax Reference
| Symbol | Function | Example |
|---|---|---|
{placeholder} | Replaces the dynamic part with the placeholder name | /profile/{userId} |
| (no wildcard) | Exact match — path length must match exactly | /a/b won’t match /a/b/c |
/* | Keep rest — sub-paths after the match are retained | /u/{id}/* → /u/id/settings |
/*! | Drop rest — everything after the template is removed | /u/{id}/*! → /u/id |
Verification & Testing
How do you know everything is working correctly? There are two ways:In the Dashboard
The live preview in the builder shows you directly how each rule works. Use the “What Gets Sent” display to validate your configuration before clicking Apply.In the Browser
- Open your browser’s Developer Tools (F12).
- Switch to the Network tab.
- Load a page on your website that contains a URL or parameter that should be anonymized.
- Look for the request to the tracking endpoint (
analytics.bchic.de). - Click on the request and inspect the Payload.
The
url field in the payload should already contain the anonymized form (e.g. /profile/userId/... or removed parameters). If so, no personal data is leaving the user’s browser.Best Practices
Start with Auto-Detect Mode
Start with Auto-Detect Mode
If you’re unsure which URLs contain personal data, start by enabling Auto-Detect mode. It catches most common ID formats automatically. Then add custom templates as needed for shorter IDs.
Use 'Detect Patterns' in the Builder
Use 'Detect Patterns' in the Builder
Copy 3–5 different URLs of the same page (with different IDs) into the builder and click Detect Patterns. The builder automatically identifies the dynamic segments and creates a matching template for you.
Use Drop Rest (/*!) for Maximum Privacy
Use Drop Rest (/*!) for Maximum Privacy
If you’re unsure whether sub-pages might contain sensitive data, use
/*! (Drop Rest). This truncates everything after the matched pattern, keeping you on the safe side.Empty Instead of Delete for Search Parameters
Empty Instead of Delete for Search Parameters
For search parameters like
?q=, we recommend emptying (/search:q=) rather than fully removing them. This way you can still see in your analytics that users used the search — just not what they searched for.Test with the Live Preview
Test with the Live Preview
Always use the live preview in the builder before saving your rules. Test with real URLs from your website to make sure no personal data slips through.