[STORY 5.1] Privacy-First Event Telemetry

[RamonRiosJr]

📝 Description

Provide accurate visit insights to users natively in NeoCard without needing third-party trackers, bypassing ad-blockers natively via a first-party API.

🎯 Acceptance Criteria

• Minimal /api/track API endpoint taking simple { type: string, metadata: object } payload
• Hash IP addresses with daily-rotating salts ensuring complete GDPR and CCPA anonymization compliance
• Non-blocking async persistence into Event table to maintain sub 50ms API response time