For browser agent version 1217 and higher, usage of session cookies has been deprecated.
This document describes data privacy related to browser monitoring and cookies, and details about the cookies themselves. Prior to browser agent version 1217, the following cookies were created for session tracking in end-user browsers.
These cookies were related to browser app monitoring. For more information about data privacy and requesting data to be deleted, see New Relic personal data requests.
Data privacy and legal compliance
The default browser agent configuration does not retain any personal data as defined by common privacy laws such as the EU General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA). New Relic has taken steps to enable our customers who elect to process personal data in our products to do so in accordance with applicable privacy laws. Use the additional information below to help enable your compliance with such laws:
New Relic briefly collects and leverages the IP address from the end-user as part of the data collection process. The IP is captured when a connection is made between the end user's browser and the New Relic data collector. The IP address is included in the web request, much like a caller ID. New Relic uses the IP, much like you see a phone number when somebody calls you.
The IP address is used as a lookup value that maps to additional details, allowing New Relic customers to diagnose performance issues.
IP address lookup values include:
Default cookies (deprecated)
In browser agent versions v1217 and lower, the agent set cookies by default. For those agents, cookies are placed by the browser agent and the New Relic collector. The New Relic collector places a cookie when the browser agent makes a connection and transmits data.
A cookie consent manager that uses a conditional script loader that only loads tags/snippets when a visitor agrees to a specific type of cookies can be used. By choosing this option there is a risk that page performance will not be captured until the visitor has agreed and the browser agent is running.
With the release of browser agent v1169, you can turn off cookie collection (
By default, the value is set to true (ON) for all existing browser apps as well as newly created ones. For more information, see our docs on cookie collection and session tracking.
Personal data through custom browser configuration
New Relic offers the option to manually configure your agent through the browser monitoring API. This could be used to capture personal data, subject to the restrictions set forth in the Terms of Service with New Relic. (For example, no credit card numbers or sensitive categories of personal data, which are contractually prohibited.) New Relic responds to the instructions specified by the agents, including collecting personal data that may be custom configured.
If you (as the data controller) receive a request from one of your own customers and determine that personal data sent to New Relic for processing must be deleted, see New Relic personal data requests.