Email hashing Best Practice

We always advise our customers not to send Personal Identifiable Information through our frontend pixel. This also applies for the email field.

In this article we tell you the best practice how to send the visitors email and how our email hashing mechanism works.


Below you see a small activity diagram how this works internally.

For the sake of this example, user@domain.com's hash is hash256-abc

  1. First you send a Purchase event through the pixel with an orderid (1234) and a hashed email (hash256-abc)
    1. Our system will try to find a customer based on the given hash
    2. No customer found, so a new customer with ID 100012018 is created
  2. Later, you send a API backend call with the same orderid and other necessary fields, but this time you provide the real email.
  3. Our system will convert the real email to the hash hash256-abc and tries to find a customer
    1. If a customer is found with the same hash, his/her profile is enriched with additional data, which is email in this example (preferred scenario)
    2. If no customer found with the same hash, a new customer is created


Conclusion. The best practice to leverage our hash-matching mechanism:

A- send a pixel Purchase event with orderid and a hashed email.

B- send an API Purchase event with the same orderid and the non-hashed email address.