Pulsate is privacy-first by default: until you explicitly send personal data, users are tracked anonymously. Everything Pulsate knows about a user beyond device behavior is data your app chooses to send.
What you can send
| Page | What | Why |
|---|---|---|
| Personal Data | Name, email, phone, gender, age | Personalized campaigns ("Hi John…"), contact channels |
| Custom Attributes | Any typed key/value (string, int, float, boolean, date) + counters | Segmentation filters in the CMS |
| Custom Events | Named user actions | Event-triggered campaigns, journey analytics |
| Privacy | Subscribe / unsubscribe | Global campaign opt-out per user |
When data is sent
Most user-data calls are cached locally and synced to Pulsate when the app enters the background (calls are merged and deduplicated). Two exceptions:
setPrivacysyncs in real time.forceAttributeSync()triggers an almost-immediate sync of everything pending (debounced, so multiple calls merge into one request).
Always send user data after a session is active — the onSuccess callback of startPulsateSessionForAlias is the natural place.

