Freshpaint

Freshpaint

Freshpaint is a HIPAA-compliant customer data infrastructure for healthcare companies. Scripts capture user behavior events from web applications and route them to analytics, marketing, and CRM tools while enforcing patient data protection rules. Designed to let healthcare organizations use modern analytics without violating HIPAA.

Back to Vendor Library

Overview

Freshpaint is a HIPAA-compliant customer data infrastructure platform designed for healthcare organizations. It captures web behavior events and routes them to analytics, marketing, and CRM tools while enforcing patient data governance rules.

What This Script Does

The Freshpaint script captures user interaction events on web pages including page views, clicks, form interactions, and custom events. It collects browser metadata, session information, and page context. Freshpaint's governance layer can redact or filter protected health information (PHI) before forwarding data to connected third-party destinations. The script sets cookies or uses localStorage for visitor identification and session tracking. Data is sent to Freshpaint's servers where governance rules are applied before distribution to configured analytics and marketing platforms.

Consent & Compliance

  • Consent Category: Analytics
  • Cookies/Storage: Sets first-party cookies for visitor identification and session tracking. Uses localStorage for event queuing.
  • GDPR/ePrivacy: Requires consent. Despite HIPAA compliance features, Freshpaint collects behavioral data and sets non-essential cookies for analytics purposes. HIPAA compliance does not exempt the script from ePrivacy consent requirements.
  • CCPA: Behavioral data collection constitutes personal information. While Freshpaint acts as a service provider, downstream data routing to marketing platforms may trigger sharing obligations.

Should You Block This Without Consent?

Yes. Freshpaint collects behavioral analytics data and sets tracking cookies. While its HIPAA governance features are valuable for healthcare organizations, the underlying data collection mechanism requires consent under GDPR/ePrivacy. Block until analytics consent is granted.

Visit website

Consent Categories

Analytics

Also Known As

FreshpaintHIPAA analyticshealthcare CDPhealthcare data privacypatient data trackingHIPAA compliant analytics

Industries

Artificial Intelligence and Machine LearningComputers Electronics and Technology

Tracked Domains (2)

cdn.freshpaint.ioAnalytics
perfalytics.comAnalytics

Frequently Asked Questions

Is consent required for Freshpaint despite its HIPAA compliance?

Yes. While Freshpaint is designed for HIPAA-compliant healthcare analytics, HIPAA compliance does not exempt it from GDPR or ePrivacy consent obligations. Freshpaint collects behavioral data and sets non-essential tracking cookies for analytics purposes, requiring consent before loading.

What does Freshpaint collect and store on visitor devices?

Freshpaint captures page views, clicks, form interactions, and custom events along with browser metadata and session context. It sets first-party cookies for visitor identification and uses localStorage for event queuing. Data is routed through Freshpaint's governance layer before forwarding to connected analytics and marketing platforms.

How does ConsentStack manage Freshpaint for healthcare websites?

ConsentStack classifies Freshpaint under the analytics consent category. Its scripts are blocked until analytics consent is granted, regardless of HIPAA configuration. ConsentStack ensures behavioral data collection and cookie setting do not begin before the visitor has provided the required opt-in consent.

Related Vendors

Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Google Analytics
Google Analytics
Google Analytics is the world's most widely deployed web analytics platform. Scripts track page views, sessions, user demographics, traffic sources, and conversion events. Drops cookies to identify returning visitors and attribute user journeys across sessions.
Firebase
Firebase
Firebase is Google's mobile and web application development platform offering authentication, real-time database, cloud functions, and analytics. Web SDK scripts initialize Firebase services and may track app events via Firebase Analytics, which is powered by Google Analytics 4. Widely used in single-page apps and PWAs for backend infrastructure and usage tracking.
Microsoft
Microsoft
Runs Clarity (session recording and heatmaps), the Microsoft Advertising UET tag (conversion tracking), and Bing's remarketing pixel. Clarity injects a recording script that captures mouse movements, clicks, and rage clicks. The UET tag fires conversion events to tie ad clicks to on-site actions across Microsoft's ad network.
Microsoft Dynamics 365
Microsoft Dynamics 365
Microsoft Dynamics 365 is a suite of CRM and ERP applications that integrates with websites through tracking scripts and embedded forms. Web tracking code captures visitor behavior, page views, and form submissions to build customer profiles and score leads. Sets cookies to identify returning visitors and attribute marketing touchpoints across sessions.
LinkedIn Insight Tag
LinkedIn Insight Tag
LinkedIn Insight Tag is a JavaScript tracking pixel for LinkedIn's advertising and analytics platform. The tag fires on every page view to collect URL, referrer, IP address, and device data for conversion tracking, website demographics reporting, and retargeting audience building. Sets cookies to identify LinkedIn members across advertiser websites.

Manage consent for Freshpaint

ConsentStack automatically detects and manages Freshpaint trackers so your site stays compliant with global privacy regulations.

Get started