Siteimprove

Siteimprove

Siteimprove is a website quality and analytics platform used by enterprise and public sector organizations. Scripts track page views and user behavior, scan for broken links and accessibility issues, and monitor content performance across large websites.

Back to Vendor Library

Overview

Siteimprove is a website quality and analytics platform used primarily by enterprise organisations, government agencies, universities, and public sector bodies. The platform combines web analytics with automated content quality scanning — checking for broken links, spelling errors, accessibility violations (WCAG compliance), and SEO issues across large, multi-author websites. Its analytics module tracks visitor behaviour in a manner similar to Google Analytics, while the quality scanning module crawls the site periodically from Siteimprove's own servers. Siteimprove is headquartered in Copenhagen, Denmark, and stores data on EU-based infrastructure, which is a significant factor for public sector customers managing GDPR compliance.

What This Script Does

Siteimprove deploys a single JavaScript tracker on the website that handles both analytics data collection and in-browser quality monitoring signals.

Script loaded: siteimproveanalytics.com/js/siteanalyze_XXXXXXX.js — a property-specific analytics tracker loaded from Siteimprove's CDN domain. The filename contains the unique site identifier.

Cookies set:

  • nmstat — First-party persistent cookie. Stores a pseudonymous visitor identifier used to distinguish unique visitors and track return visits across sessions. Set on the host domain. Expiry: 1 year.
  • siteimproveses — First-party session cookie. Maintains the current session boundary to distinguish sessions from the same visitor. Expiry: session (30 minutes of inactivity).
  • __hssc, __hstc (if HubSpot co-deployed) — Siteimprove occasionally appears alongside marketing platforms; these cookies are not Siteimprove's own.

Data collected per page view:

  • Page URL and page title
  • Referrer URL
  • Time on page and scroll depth
  • Click interactions on links and buttons
  • Browser type, operating system, screen resolution
  • IP address (used for geolocation; last octet is zeroed before storage in some configurations)
  • Visitor identifier from the nmstat cookie for return visitor recognition

Accessibility and quality scanning: Siteimprove's server-side crawler periodically fetches website pages from Siteimprove's own IP ranges — this is a server-to-server operation and does not involve visitor cookies or personal data collection.

Dashboard reporting: Aggregated analytics data is available in Siteimprove's centralised dashboard for web teams managing content performance, accessibility compliance scores, and broken link inventories.

Consent & Compliance

Consent category: Analytics

The Siteimprove analytics tracker sets a persistent first-party identification cookie (nmstat) and collects individual visitor behaviour data including page views, navigation paths, and click events. This constitutes processing of personal data (pseudonymous identifiers + behavioural data) for analytics purposes.

Under GDPR Article 6 and the ePrivacy Directive, this type of non-essential analytics tracking requires freely given, specific, informed consent before the tracker is loaded. Siteimprove offers a "cookieless" or "privacy-safe" analytics mode in some configurations that reduces the data collection footprint, potentially qualifying for a legitimate interests basis in limited circumstances — but the default configuration requires consent.

Siteimprove is headquartered in Denmark and processes data on EU-based infrastructure. It offers a comprehensive DPA and GDPR compliance documentation. Data is not transferred to the US by default, which simplifies transfer mechanism requirements for EU customers.

Under CCPA/CPRA, analytics data collection including IP-based geolocation and browsing behaviour constitutes personal information. Organisations using Siteimprove should ensure a Data Processing Agreement is in place.

Should You Block This Without Consent?

Yes. Siteimprove's analytics tracker sets a persistent first-party identification cookie and collects individual visitor behaviour across sessions. Block the analytics tracker until the user explicitly consents to analytics cookies.

Visit website

Consent Categories

Analytics

Also Known As

Siteimprove analyticsSiteimprove GDPRwebsite quality platformaccessibility analyticssiteimprove cookie

Industries

Programming and Developer SoftwareComputers Electronics and Technology

Tracked Domains (3)

siteimproveanalytics.comAnalytics
siteimproveanalytics.ioAnalytics
siteimprove.comAnalytics

Frequently Asked Questions

Does Siteimprove require consent?

Yes. Siteimprove's analytics tracker sets a persistent first-party nmstat cookie expiring after one year and collects individual visitor behavior — page views, clicks, scroll depth, and navigation paths — across sessions. This non-essential analytics processing requires informed consent before the tracker loads.

What cookies does Siteimprove set?

Siteimprove sets two cookies: nmstat, a persistent first-party cookie expiring after one year that stores a pseudonymous visitor identifier for return visit tracking, and siteimproveses, a session cookie that defines session boundaries. Both are set on the host domain, not third-party domains.

How does ConsentStack manage Siteimprove?

ConsentStack blocks Siteimprove's analytics tracker until the visitor consents to the analytics category. Siteimprove is headquartered in Denmark and processes data on EU infrastructure, simplifying transfer mechanism requirements. ConsentStack documents these data flow characteristics for compliance records.

Related Vendors

Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Google Analytics
Google Analytics
Google Analytics is the world's most widely deployed web analytics platform. Scripts track page views, sessions, user demographics, traffic sources, and conversion events. Drops cookies to identify returning visitors and attribute user journeys across sessions.
Firebase
Firebase
Firebase is Google's mobile and web application development platform offering authentication, real-time database, cloud functions, and analytics. Web SDK scripts initialize Firebase services and may track app events via Firebase Analytics, which is powered by Google Analytics 4. Widely used in single-page apps and PWAs for backend infrastructure and usage tracking.
Microsoft
Microsoft
Runs Clarity (session recording and heatmaps), the Microsoft Advertising UET tag (conversion tracking), and Bing's remarketing pixel. Clarity injects a recording script that captures mouse movements, clicks, and rage clicks. The UET tag fires conversion events to tie ad clicks to on-site actions across Microsoft's ad network.
Microsoft Dynamics 365
Microsoft Dynamics 365
Microsoft Dynamics 365 is a suite of CRM and ERP applications that integrates with websites through tracking scripts and embedded forms. Web tracking code captures visitor behavior, page views, and form submissions to build customer profiles and score leads. Sets cookies to identify returning visitors and attribute marketing touchpoints across sessions.
LinkedIn Insight Tag
LinkedIn Insight Tag
LinkedIn Insight Tag is a JavaScript tracking pixel for LinkedIn's advertising and analytics platform. The tag fires on every page view to collect URL, referrer, IP address, and device data for conversion tracking, website demographics reporting, and retargeting audience building. Sets cookies to identify LinkedIn members across advertiser websites.

Manage consent for Siteimprove

ConsentStack automatically detects and manages Siteimprove trackers so your site stays compliant with global privacy regulations.

Get started