GDPR

GDPR

Sign our DPA (via RightSignature)

Note: This document is only available in English.

  • Data Controllers

    What You Need to Do

    First, we ask you to review the GDPR Legislation and the definition of Personal Data.

    Next, please view the appropriate column in the table below based on where your account was created.

     
    EU/EEA Accounts
    Rest-of-World Accounts
    Website Audit

    You need to audit your website(s) to ensure Personal Data is excluded from tracking -- across all page content and form fields (which should be blocked automatically).

    You need to audit your website(s) to ensure Personal Data is excluded from tracking -- across all page content and form fields.

    IP Addresses

    No action is required. We anonymize or exclude IP addresses automatically, according to local law. You can contact us to have IP exclusion enabled (stricter) if your country only requires anonymization.

    You may wish to anonymize IP addresses (just click Settings > Anonymize IPs). This removes the last tuple of IP address data. You can contact us to have IP exclusion enabled (stricter) for added protection.

    Test Recording

    You should make a test recording in our platform to ensure all exclusions of Personal Data are functioning correctly.

    You should make a test recording in our platform to ensure all exclusions of Personal Data are functioning correctly.

    Explicit Consent

    You may need to obtain active and explicit consent to track users on your site. We recommend checking the laws and regulations that apply to your website(s) and obtaining legal advice.

    You may need to obtain active and explicit consent to track users on your site. We recommend checking the laws and regulations that apply to your website(s) and obtaining legal advice.

    Opt-Out

    You may be required to offer an opt-out for tracking on your website, depending on local laws/regulations. We recommend describing that you use Mouseflow, what it's for, and providing a link to our opt-out page: https://mouseflow.com/opt-out

    You may be required to offer an opt-out for tracking on your website, depending on local laws/regulations. We recommend describing that you use Mouseflow, what it's for, and providing a link to our opt-out page: https://mouseflow.com/opt-out

    ***

    What We Do

     
    EU/EEA Accounts
    Rest-of-World Accounts
    Data Protection Officer Axel Dreyer, LL.M.
    Schürmann Wolschendorf Dreyer Lawyers
    Uerdinger Straße 62
    40474 Düsseldorf, Germany
    Phone: +49 (0) 211 41558680
    Fax: +49 (0) 211 415586820
    Email: dreyer@swd-rechtsanwaelte.de
    Axel Dreyer, LL.M.
    Schürmann Wolschendorf Dreyer Lawyers
    Uerdinger Straße 62
    40474 Düsseldorf, Germany
    Phone: +49 (0) 211 41558680
    Fax: +49 (0) 211 415586820
    Email: dreyer@swd-rechtsanwaelte.de
    Privacy Shield
    Dispute Resolution
    Data Processing Agreement
    Encryption in Transit All Data All Data
    Encryption at Rest

    HTML Data Only

    HTML Data Only

    Data Separation

    We never send data outside the region in which it is originally stored (Europe/EEA).

    We never send data outside the region in which it is originally stored (United States).

    Opt-Out
    No Keystrokes

    All Visitors

    EU/EEA Visitors

    Playback Masking
    IP Addresses Automatically Anonymized (EU/EEA) or Excluded (Germany) Optional
    Support for "Do Not Track" Automatic Optional
    Vulnerability Scans
    Penetration Testing
    Security Policies & Training

    ***

    Questions?

    Please email us at privacy@mouseflow.com.

    Note: This page is not intended to provide legal advice. We recommend you consult your own legal counsel.

  • Data Subjects

    What is Mouseflow?

    Mouseflow is a tool used by 125,000+ clients to analyze, understand, and improve user experience on websites.

    We offer session replay/recordings, heatmaps, funnels, forms, and feedback campaigns.

    To learn more about these features, visit our Tour page.

    What information is collected?

    When you visit a webpage that has Mouseflow, the following information may be collected:

    • Clicks, Mouse Movements/Hovers, Scrolling
    • Browser
    • Device (Desktop/Tablet/Phone)
    • Language
    • Operating System
    • Screen Resolution
    • Duration (Time on Site)
    • Navigation (URLs)
    • Page Content (HTML)
    • ISP & Approx. ISP Location (City, State/Region, Country)
    • Keystrokes (only for non-EU/EEA Data Subjects in non-EU/EEA accounts and never for any password, digit, or excluded fields)
    • Referrer URL
    • Visitor Type (First Time/Returning)
    • Custom Tags or Variables

    The data is stored from 1-12 months, depending on the specific plan associated with a client account.

    What can I do?

    Data Access

    If you wish to obtain a copy of your data*, please contact the website owner where the data was collected/obtained (the Data Controller). If they are unable to process your request or do not respond in a timely manner, please contact us at privacy@mouseflow.com.

    Data Correction

    If you wish to correct your data*, please contact the website owner where the data was collected/obtained (the Data Controller). If they are unable to process your request or do not respond in a timely manner, please contact us at privacy@mouseflow.com.

    Data Erasure

    If you wish to erase your data*, please contact the website owner where the data was collected/obtained (the Data Controller). If they are unable to process your request or do not respond in a timely manner, please contact us at privacy@mouseflow.com.

    Revoking Consent

    If you gave your consent to have information processed by Mouseflow (in our feedback widget) and wish to revoke it, please both contact the website owner where the data was collected/obtained (the Data Controller) and us at privacy@mouseflow.com.

    Opt Out

    If you do not wish to be tracked, you can opt-out at:

    https://mouseflow.com/opt-out

    This places a cookie on your computer which will prevent any further tracking (unless deleted).


    * We require clients to exclude Personal Data from being captured. As such, the data stored by Mouseflow is expected to be anonymous in nature. This may alter your rights above or our ability to obtain a copy, correct, or erase your data as there is no way to trace it to you.

    Questions?

    If you have any questions, please email privacy@mouseflow.com and we're happy to assist.

Background Image

Execute a Data Processing Agreement (DPA)

Please click the button below:

Sign our DPA (via RightSignature)

Note: This document is only available in English.