GDPR

What is Mouseflow?

Mouseflow is a tool used by 190,000+ clients to analyze, understand, and improve user experience on websites.

We offer session replay/recordings, heatmaps, funnels, forms, and feedback campaigns.

To learn more about these features, visit our Tour page.

 

What information is collected?

When you visit a webpage that has Mouseflow, the following information may be collected:

  • Clicks, Mouse Movements/Hovers, Scrolling
  • Browser
  • Device (Desktop/Tablet/Phone)
  • Language
  • Operating System
  • Screen Resolution
  • Duration (Time on Site)
  • Navigation (URLs)
  • Page Content (HTML)
  • ISP (Not for EU and California, USA visitors)
  • Approx. ISP Location (City, State/Region, Country)
  • Keystrokes (only for non-EU/EEA Data Subjects in non-EU/EEA accounts and never for any password, digit, or excluded fields)
  • Referrer URL
  • Visitor Type (First Time/Returning)
  • Custom Tags or Variables
  • Replies in Feedback Tool

The data is stored from 1-12 months, depending on the specific plan associated with a client account.

 

What Can I Do?

Data Access

If you wish to obtain a copy of your data*, please contact the website owner where the data was collected/obtained (the Data Controller). If they are unable to process your request or do not respond in a timely manner, please contact us at privacy@mouseflow.com.

Data Correction

If you wish to correct your data*, please contact the website owner where the data was collected/obtained (the Data Controller). If they are unable to process your request or do not respond in a timely manner, please contact us at privacy@mouseflow.com.

Data Erasure

If you wish to erase your data*, please contact the website owner where the data was collected/obtained (the Data Controller). If they are unable to process your request or do not respond in a timely manner, please contact us at privacy@mouseflow.com.

Revoking Consent 

If you gave your consent to have information processed by Mouseflow (in our feedback widget) and wish to revoke it, please both contact the website owner where the data was collected/obtained (the Data Controller) and us at privacy@mouseflow.com.

Opt Out

If you do not wish to be tracked, you can opt-out at:

mouseflow.com/opt-out

This places a cookie on your computer which will prevent any further tracking (unless deleted).

* We require clients to exclude Personal Data from being captured. As such, the data stored by Mouseflow is expected to be anonymous in nature. This may alter your rights above or our ability to obtain a copy, correct, or erase your data as there is no way to trace it to you.

What You Need to Do

First, we ask you to review the GDPR Legislation and the definition of Personal Data.

Next, please view the appropriate column in the table below based on where your account was created.

Eu/EEA AccountsRest-of-the-world accounts
Website Audit

You need to audit your website(s) to ensure Personal Data is excluded from tracking — across all page content and form fields (which should be blocked automatically).

You need to audit your website(s) to ensure Personal Data is excluded from tracking — across all page content and form fields.

IP Addresses

No action is required. We anonymize or exclude IP addresses automatically, according to local law. You can contact us to have IP exclusion enabled (stricter) if your country only requires anonymization.

You may wish to anonymize IP addresses (just click Settings > Anonymize IPs). This removes the last tuple of IP address data. You can contact us to have IP exclusion enabled (stricter) for added protection.

Test Recording

You should make a test recording in our platform to ensure all exclusions of Personal Data are functioning correctly.

You should make a test recording in our platform to ensure all exclusions of Personal Data are functioning correctly.

Explicit Consent

You may need to obtain active and explicit consent to track users on your site. We recommend checking the laws and regulations that apply to your website(s) and obtaining legal advice.

You may need to obtain active and explicit consent to track users on your site. We recommend checking the laws and regulations that apply to your website(s) and obtaining legal advice.

Opt-Out

You may be required to offer an opt-out for tracking on your website, depending on local laws/regulations. We recommend describing that you use Mouseflow, what it’s for, and providing a link to our opt-out page.

You may be required to offer an opt-out for tracking on your website, depending on local laws/regulations. We recommend describing that you use Mouseflow, what it’s for, and providing a link to our opt-out page..

What we do

Eu/EEA AccountsRest-of-the-world accounts
Data Protection Officer

Email

Email

Privacy Shieldtruetrue
Dispute Resolution truetrue
Data Processing Agreement truetrue
Encryption in Transit

All Data

All Data

Encryption at Rest

HTML Data Only

HTML Data Only

Data Separation

We never send data outside the region in which it is originally stored (Europe/EEA).

We never send data outside the region in which it is originally stored (United States).

Opt-Outtruetrue
No Keystrokes

All Visitors

EU/EEA Visitors

Playback Maskingtruetrue
IP Addresses

Automatically Anonymized (EU/EEA) or Excluded (Germany)

Optional

Support for Do Not Track

Automatic

Optional

Vulnerability Scanstruetrue
Penetration Testingtruetrue
Security Policies & Trainingtruetrue

Questions?

If you have any questions, please email privacy@mouseflow.com and we’re happy to assist.