Data security & legal info

Yes. Tracking behavior and movement of your visitors using Smartlook is legal, just like using Google Analytics or other services for tracking visitors on your website.

From a legal point of view it’s important if you record personal data of visitors using Smartlook. This is something you can set up in Smartlook. On most websites the only place where visitors might fill in personal data are forms. To ensure Smartlook doesn’t record any personal data, simply disable recording of form inputs in Smartlook settings.

If you have recording of forms inputs enabled in Smartlook, you are most likely collecting personal data of your visitors. Collecting of personal data is subject to local laws in your country. In most countries in European Union you are required to inform visitors of your website about the fact you collect their personal data through a 3rd party software. We recommend to add the following statement to your terms & conditions or privacy policy: “Your personal data might be collected by us or 3rd parties, such as, s.r.o., VAT ID CZ03668681”.

Legal requirements about personal data collection may vary across countries in the world. It’s best to consult a local lawyer in your country if you are unsure about your legal obligations in this area.

Should I inform visitors that I record them?

It depends if you record personal data of your visitors using Smartlook and also on local laws in your country. If you don’t record any personal data, you don’t need to inform your visitors about the recording. If you do record personal data of your visitors through Smartlook, you are most likely required to inform them about this. Best way is to include it in your privacy policy that is easily accessible on your website. Please see the question above for more information.

If one of your visitors doesn’t want to be tracked by Smartlook on your website, you can send him link to our opt-out page.

Is visitor data safe with Smartlook?

The data of your visitors is safe with Smartlook. We created several security steps to protect the sensitive data of your visitors.

  1. Access to the visitor recordings of your website is possible only after logging into your Smartlook account. Your account can only be accessed using your login email and password. We recommend using a strong password that can’t be guessed.
  2. Smartlook never records form fields marked as sensitive. This means passwords, credit card numbers and other sensitive data are not recorded, even if you do record form inputs. If Smartlook is recording passwords or credit card numbers on your website, this most likely means your web developers didn’t mark those form fields as sensitive when creating your website. In such a case please contact your web developer to set those form fields as sensitive in the code.
  3. Smartlook is using SSL / TLS encryption (Secure Sockets Layer / Transport Layer Security) and latest security standards to protect your data.
  4. You can block any elements of your site from being recorded using our API.

For more information about our data security see our Privacy Policy.