How Session Tracking Works
A complete overview of how Advanced Analytics tracks visitor sessions from first page view through conversion.
The Tracking Flow
- A visitor arrives on your site.
- The frontend session tracker script loads on the page.
- If a consent platform is configured, the tracker waits for consent before proceeding.
- Once consent is confirmed (or no consent platform is required), the tracker sends attribution data to the server.
- A new session record is created with the visitor’s referrer, UTM parameters, landing page, and anonymized IP.
- A
tooldocs_sessioncookie is set in the browser (30-day lifetime). - On each subsequent page view, the tracker updates the session’s page view count and last activity timestamp.
- When the visitor registers, logs in, or is detected as a returning user, the session is converted and linked to their user record.
- Attribution data from the session is copied to the user record (first-touch and last-touch).
- Pre-conversion page views and downloads are transferred to the user’s history.
What Data Is Collected
On each page load, the tracker captures:
- Referrer — the previous page URL (from
document.referrer), classified as direct, search, social, referral, email, or paid. - Landing page — the full URL of the page the visitor is on.
- UTM parameters —
utm_source,utm_medium,utm_campaign,utm_term, andutm_contentfrom the URL query string. - Click IDs —
gclid(Google Ads) andfbclid(Facebook Ads) for paid traffic attribution. - User agent — browser and device information.
- IP address — anonymized by default (last octet replaced with 0).
For new sessions, all attribution data is stored. For existing sessions, only the page view is recorded — the original first-visit attribution is preserved.
Session Cookie
| Property | Value |
|---|---|
| Cookie name | tooldocs_session |
| Value | UUID v4 string |
| Lifetime | 30 days |
| Path | / |
| SameSite | Lax |
| Secure | Yes (on HTTPS) |
The cookie is cleared when consent is withdrawn, when an excluded user logs in, or when it expires naturally.
Conversion Types
A session can be converted in three ways:
- Registration — an anonymous visitor completes the ToolDocs registration form.
- Login — an existing user logs in and their current anonymous session is linked to their account.
- Return visit — a logged-in user is detected during a session update (they were already authenticated when the session was created).
In all cases, pre-conversion page views and downloads are transferred from the anonymous session to the user record.
Additionally, download conversion tracking is enabled by default. This records the first file download in each session as a separate conversion event, giving you visibility into which sessions lead to actual document engagement — not just registration. This can be toggled off in Analytics → Settings if you only want to track registration and login conversions.
Tracking Exclusions
Users with WordPress roles listed in the tracking exclusion settings (ToolDocs → Settings → Tracking Exclusions) are excluded from session tracking. By default, administrators are excluded.
When an excluded user logs in with an active session cookie, their session data (including page views, conversions, and any anonymous downloads) is deleted and the cookie is cleared.
First-Touch vs Last-Touch Attribution
When a session converts, the user record receives two sets of attribution data:
- First-touch — the referrer, UTM parameters, landing page, and timestamp from the session where the user originally registered. This never changes after registration.
- Last-touch — updated on each subsequent non-direct visit. Tracks the most recent referrer and UTM data, useful for understanding what brings users back.