Aha!

Aha!

Aha! scripts embed public product roadmap portals and idea voting boards on company websites. Scripts load roadmap timelines, feature request forms, and status update feeds, and may collect user submissions and votes tied to email addresses for product feedback purposes.

Back to Vendor Library

Overview

Aha! is a product management platform for strategy, roadmapping, idea management, and feature prioritization. Beyond its internal planning suite, Aha! offers embeddable public-facing portals that allow companies to publish product roadmaps, run idea voting boards, and collect feature requests directly on their websites. These public portals are the browser-side presence relevant to consent management — they load Aha! scripts on the host website to render interactive product feedback interfaces for external visitors.

What This Script Does

When Aha! portal scripts are embedded on a website, they load from Aha!'s CDN (typically secure.aha.io or a custom subdomain configured by the organization) and render interactive product feedback interfaces:

Public roadmap portals:

  • Fetches and renders a visual roadmap timeline showing planned, in-progress, and completed features in configurable time formats (now/next/later, quarterly, Gantt-style)
  • Dynamically loads feature cards with status indicators, estimated timelines, and optional descriptions
  • Sets a session cookie for portal navigation state (current view, active filters) that expires at session end

Idea boards and voting:

  • Renders a searchable list of submitted ideas/feature requests with upvote counts and status labels
  • Loads the idea submission form when a visitor clicks "Submit Idea" — form fields collect idea title, description, and optionally the submitter's name and email address
  • Manages vote state: when a visitor votes on an idea, Aha! stores their vote using a cookie or localStorage entry keyed to the portal, preventing duplicate votes
  • The vote-tracking identifier (typically _aha_portal_[portal_id], first-party, 30-day expiry) is the primary persistent identifier set by Aha! portals

Network requests and data flow:

  • Portal content is fetched via authenticated API calls from the browser to secure.aha.io
  • Form submissions (ideas, votes) POST data directly to Aha!'s servers
  • No behavioral tracking, analytics collection, or advertising-related processing occurs

What Aha! portals do not do:

  • Do not set cross-site tracking cookies
  • Do not load advertising pixels or analytics trackers
  • Do not collect passive behavioral data (scroll depth, click tracking outside portal interactions)
  • Do not share data with third-party advertising platforms

Consent & Compliance

  • Category: Functional
  • GDPR: Aha! portal scripts serve a clearly functional purpose — delivering a product feedback and roadmap experience that visitors actively choose to use. The vote-tracking cookie prevents duplicate votes and is necessary for the service to function correctly. Form submissions collect personal data (name, email) based on explicit, voluntary user action — this requires a lawful basis (legitimate interest or contract performance) and appropriate privacy notice disclosure. Aha! acts as a data processor for portal content and submissions.
  • ePrivacy: The _aha_portal_[portal_id] cookie is used solely to maintain voting state for the service the visitor requested. This falls within the exemption for cookies strictly necessary for a service explicitly requested by the user. No advertising or cross-site tracking cookies are involved.
  • CCPA: Email addresses and names submitted through idea forms are personal information. Disclose Aha!'s use in your privacy policy. Aha! is a US company — EU transfers use Standard Contractual Clauses.
  • Data minimization: Aha! portals collect only data explicitly submitted by visitors. No passive collection occurs beyond session state management.

Should You Block This Without Consent?

No. Aha!'s embedded portal scripts deliver functional product feedback features. Data collection is limited to explicit user submissions and necessary session state. They do not perform behavioral tracking, advertising profiling, or cross-site data sharing. Aha! portals can operate under a functional basis without requiring prior visitor consent.

Visit website

Consent Categories

Functional

Also Known As

Aha! roadmapAha! ideas portalAha! product managementAha! feedback

Industries

Programming and Developer SoftwareComputers Electronics and Technology

Tracked Domains (1)

aha.ioFunctional

Frequently Asked Questions

Does embedding an Aha! portal on my site require visitor consent?

Generally no. Aha! portals deliver functional product feedback features — roadmap timelines and idea voting — that visitors actively choose to use. The vote-tracking cookie prevents duplicate votes and is necessary for the service, qualifying as strictly necessary under ePrivacy rules.

What data does an embedded Aha! portal collect?

Aha! portals set a session cookie for navigation state and a persistent vote-tracking cookie (30-day expiry) to prevent duplicate votes. If a visitor submits an idea, the form collects their name and email address voluntarily. No behavioral tracking or advertising data is collected.

How does ConsentStack categorize Aha! portals?

ConsentStack classifies Aha! as a functional vendor. Embedded portal scripts deliver a service visitors explicitly request and do not perform behavioral tracking or advertising. ConsentStack does not require you to gate Aha! behind a consent prompt for standard portal implementations.

Related Vendors

Google Maps
Google Maps
Google Maps is the dominant web mapping service used for embedded maps and location features on websites. Scripts load interactive map tiles, geocoding, and Places API functionality through the Maps JavaScript API. May set cookies to remember map preferences and manage API quota.
Google Search
Google Search
Google Search appears on websites through the Programmable Search Engine, enabling custom site-specific search functionality. Scripts load the search widget from Google's servers to render search bars and display results within the host website. Sends search queries to Google's index and may set cookies for search personalization and query history.
Google
Google
Google is the dominant provider of web analytics, advertising, and infrastructure tools. Scripts like Google Analytics, Tag Manager, Ads, and reCAPTCHA collect behavioral data, manage tag firing, serve targeted ads, and detect bots. Sets persistent cookies to track users and correlate activity across sites.
Microsoft Teams
Microsoft Teams
Microsoft Teams is a workplace communication and collaboration platform that can be embedded on websites for chat, meetings, and document sharing. Embedded widgets load from Microsoft's servers to enable real-time messaging, video calls, and file collaboration. Sets authentication and session cookies to verify participant identity and maintain connection state.
Apple Maps JS
Apple Maps JS
Apple Maps JS is Apple's JavaScript mapping framework for embedding interactive maps on websites. Scripts load map tiles, location pins, and routing data from Apple's MapKit servers to render navigable maps within web pages. Requires a MapKit JS token for authentication but does not set tracking cookies or collect behavioral analytics data.
Apple Business Chat
Apple Business Chat
Apple Business Chat enables direct customer messaging between websites and Apple's Messages app. Scripts load chat buttons and conversation interfaces that connect visitors to business support agents through iMessage. Sets minimal session cookies to maintain conversation context but does not track browsing behavior or collect analytics data.

Manage consent for Aha!

ConsentStack automatically detects and manages Aha! trackers so your site stays compliant with global privacy regulations.

Get started free