GDPR

Note: This document is only available in English.

Sign our DPA (via RightSignature)
  • DATA CONTROLLERS
  • DATA SUBJECTS

What You Need to Do

First, we ask you to review the GDPR Legislation and the definition of Personal Data.

Next, please view the appropriate column in the table below based on where your account was created.

EU/EEA Accounts
Rest-of-World Accounts
Website Audit

You need to audit your website(s) to ensure Personal Data is excluded from tracking -- across all page content and form fields (which should be blocked automatically).

You need to audit your website(s) to ensure Personal Data is excluded from tracking -- across all page content and form fields.

IP Addresses

No action is required. We anonymize or exclude IP addresses automatically, according to local law. You can contact us to have IP exclusion enabled (stricter) if your country only requires anonymization.

You may wish to anonymize IP addresses (just click Settings > Anonymize IPs). This removes the last tuple of IP address data. You can contact us to have IP exclusion enabled (stricter) for added protection.

Test Recording

You should make a test recording in our platform to ensure all exclusions of Personal Data are functioning correctly.

You should make a test recording in our platform to ensure all exclusions of Personal Data are functioning correctly.

Explicit Consent

You may need to obtain active and explicit consent to track users on your site. We recommend checking the laws and regulations that apply to your website(s) and obtaining legal advice.

You may need to obtain active and explicit consent to track users on your site. We recommend checking the laws and regulations that apply to your website(s) and obtaining legal advice.

Opt-Out

You may be required to offer an opt-out for tracking on your website, depending on local laws/regulations. We recommend describing that you use Mouseflow, what it's for, and providing a link to our opt-out page: https://mouseflow.com/opt-out

You may be required to offer an opt-out for tracking on your website, depending on local laws/regulations. We recommend describing that you use Mouseflow, what it's for, and providing a link to our opt-out page: https://mouseflow.com/opt-out

What We Do

EU/EEA Accounts
Rest-of-World Accounts
Data Protection OfficerAxel Dreyer, LL.M.
Schürmann Wolschendorf Dreyer Lawyers
Uerdinger Straße 62
40474 Düsseldorf, Germany
Phone: +49 (0) 211 41558680
Fax: +49 (0) 211 415586820
Email: dreyer@swd-rechtsanwaelte.de
Axel Dreyer, LL.M.
Schürmann Wolschendorf Dreyer Lawyers
Uerdinger Straße 62
40474 Düsseldorf, Germany
Phone: +49 (0) 211 41558680
Fax: +49 (0) 211 415586820
Email: dreyer@swd-rechtsanwaelte.de
Privacy Shield
Dispute Resolution
Data Processing Agreement
Encryption in TransitAll DataAll Data
Encryption at RestHTML Data OnlyHTML Data Only
Data SeparationWe never send data outside the region in which it is originally stored (Europe/EEA).We never send data outside the region in which it is originally stored (United States).
Opt-Out
No KeystrokesAll VisitorsEU/EEA Visitors
Playback Masking
IP AddressesAutomatically Anonymized (EU/EEA) or Excluded (Germany)Optional
Support for "Do Not Track"AutomaticOptional
Vulnerability Scans
Penetration Testing
Security Policies & Training

Questions?

Please email us at privacy@mouseflow.com.

Note: This page is not intended to provide legal advice. We recommend you consult your own legal counsel.

What is Mouseflow?

Mouseflow is a tool used by 125,000+ clients to analyze, understand, and improve user experience on websites.

We offer session replay/recordings, heatmaps, funnels, forms, and feedback campaigns.

To learn more about these features, visit our Tour page.

What information is collected?

When you visit a webpage that has Mouseflow, the following information may be collected:

  • Clicks, Mouse Movements/Hovers, Scrolling
  • Browser
  • Device (Desktop/Tablet/Phone)
  • Language
  • Operating System
  • Screen Resolution
  • Duration (Time on Site)
  • Navigation (URLs)
  • Page Content (HTML)
  • ISP & Approx. ISP Location (City, State/Region, Country)
  • Keystrokes (only for non-EU/EEA Data Subjects in non-EU/EEA accounts and never for any password, digit, or excluded fields)
  • Referrer URL
  • Visitor Type (First Time/Returning)
  • Custom Tags or Variables

The data is stored from 1-12 months, depending on the specific plan associated with a client account.

What can I do?

Data Access

If you wish to obtain a copy of your data*, please contact the website owner where the data was collected/obtained (the Data Controller). If they are unable to process your request or do not respond in a timely manner, please contact us at privacy@mouseflow.com.

Data Correction

If you wish to correct your data*, please contact the website owner where the data was collected/obtained (the Data Controller). If they are unable to process your request or do not respond in a timely manner, please contact us at privacy@mouseflow.com.

Data Erasure

If you wish to erase your data*, please contact the website owner where the data was collected/obtained (the Data Controller). If they are unable to process your request or do not respond in a timely manner, please contact us at privacy@mouseflow.com.

Revoking Consent

If you gave your consent to have information processed by Mouseflow (in our feedback widget) and wish to revoke it, please both contact the website owner where the data was collected/obtained (the Data Controller) and us at privacy@mouseflow.com.

Opt Out

If you do not wish to be tracked, you can opt-out at:

https://mouseflow.com/opt-out

This places a cookie on your computer which will prevent any further tracking (unless deleted).


* We require clients to exclude Personal Data from being captured. As such, the data stored by Mouseflow is expected to be anonymous in nature. This may alter your rights above or our ability to obtain a copy, correct, or erase your data as there is no way to trace it to you.

Questions?

If you have any questions, please email privacy@mouseflow.com and we're happy to assist.

Execute a Data Processing Agreement (DPA)

Please click the button below:

Sign our DPA (via RightSignature)

Note: This document is only available in English.