Data Protection Details
Last updated: March 1, 2026. Minimization policy version: 2026-03-01
How Harper Limits Processing
- Event storage uses allowlisted fields only.
- Customer match fields are stored as hashes in conversion/event payloads.
- Collection and use is limited to attribution, conversion delivery, and fraud/security operations.
Purposes and Data Categories
| Purpose | Description | Data Elements |
|---|
| Attribution and analytics reporting | Link marketing touchpoints to conversions and provide merchant-facing dashboards. | - event type
- timestamp
- order reference
- campaign/click identifiers (fbclid/fbc/fbp, gclid, ttclid, scid, UTM)
- hashed customer match identifiers
- session and durable IDs
|
| Ad platform conversion delivery | Send merchant-configured conversion events to connected ad platforms using hashed match keys. | - hashed customer match identifiers
- event name and event ID
- conversion value and currency
- order reference
- platform match identifiers (fbc/fbp)
- network metadata (IP, user-agent) when provided
|
| Fraud and abuse prevention | Detect suspicious traffic and prevent invalid or abusive event ingestion. | - event timestamp
- IP address
- user-agent
- device/fingerprint hash
- deduplication fingerprint
|