ConsentMark
Free Scan
Azure Application Insights logo
AnalyticsHigh complexity

Azure Application Insights

by azure-application-insights

All product names, logos, and trademarks are the property of their respective owners. Their inclusion here is for identification purposes only and does not imply endorsement by Obscurity Ltd.

Sets cookies
Yes
Sends PII
No
Cross-site tracking
No
Consent required
Not required
Cookies
ai_userai_session

Overview

Real user monitoring SDK that collects browser-side telemetry including page load times, session data, and unhandled exceptions from visitor browsers. Often deployed by engineering teams without governance review because it is classified as an operations tool, yet the client-side component collects data that constitutes personal data under GDPR. Organisations should ensure the SDK is included in their consent management configuration alongside traditional analytics tags.

Detection capabilities

Signature count
3
Detection methods
network
Property types
hostnamepathname

Performance impact

Performance Impact

Requests per page
3

Common mistakes

  • 1Treating Application Insights purely as an infrastructure monitoring tool exempt from consent requirements, when the client-side JavaScript SDK collects user-facing telemetry including IP addresses, session identifiers, and page URLs
  • 2Not configuring the SDK to disable or anonymise user IP collection, which is enabled by default and transmits full IP addresses to Azure
  • 3Failing to configure the data retention period in the Azure portal - the default 90-day retention may exceed or fall short of organisational requirements
  • 4Using the Application Insights SDK's automatic dependency tracking without reviewing what data is captured, including URLs of external service calls that may contain sensitive parameters
  • 5Not selecting the appropriate Azure data centre region for telemetry storage, potentially sending EU user data to US data centres when EU regions are available

Compliance considerations

The Application Insights JavaScript SDK collects client-side telemetry including page URLs, session identifiers, browser information, and IP addresses, which constitute personal data under GDPR. Microsoft offers Azure data centre regions across the EU, UK, and globally, allowing organisations to store telemetry data in their preferred jurisdiction. The SDK can be configured to disable IP collection or use IP anonymisation. Microsoft is self-certified under the EU-US Data Privacy Framework and provides comprehensive data processing terms through the Microsoft Products and Services DPA. Organisations should configure the appropriate Azure region, enable IP anonymisation, set data retention periods aligned with their policy, and assess whether the client-side telemetry collection requires consent or can be justified under legitimate interest for service performance monitoring.

Related services

Amplitude

amplitude

AnalyticsLow risk

1 detection signature

Cloudflare Analytics

cloudflare-analytics

AnalyticsLow risk

2 detection signatures

Contentsquare

contentsquare

AnalyticsLow risk

1 detection signature

Cooladata

cooladata

AnalyticsLow risk

2 detection signatures

Scan your site for azure-application-insights

Run a free Consentmark scan to see how azure-application-insights is loading on your site, whether it respects consent, and where governance gaps exist across your wider tag estate.

Start a free scan