Privacy & Security

Yes. Tracking behavior and movement of your visitors using Smartlook is completely legal, just like using Google Analytics or other services for tracking visitors on your website. From a legal point of view it’s important to be specially careful in case you are recording form inputs because visitors might fill in some sensitive personal data. You can disable the recording of form inputs in the Smartlook settings to ensure you don’t record any personal data of your visitors.

It’s legal to record form inputs and collect personal data of your visitors using Smartlook, but some countries may require you to inform your visitors about this. If you are based in the European Union, we recommend to add the following statement to your terms & conditions or privacy policy: “Your personal data might be collected and saved by us or 3rd parties, such as, s.r.o., VAT ID CZ03668681”.

Personal data protection laws may vary across the world. European Union, where Smartlook is based, is generally very strict about personal data protection. Some countries might not require you to inform visitors or to include by name the 3rd parties that collect personal data of your visitors. We recommend to consult with a lawyer to get detailed information about your legal obligations regarding personal data collection.

Should I inform visitors that I record them?

This depends if you record personal data of your visitors with Smartlook. If you don’t record any personal data, you don’t need to inform your visitors about the recording, just use the normal disclaimer regarding the cookie policy. If you do record personal data, please see the question “Is tracking visitors using Smartlook legal?” for more information.

Is visitor data safe with Smartlook?

The data of your visitors is safe with Smartlook. We created several security steps to protect the sensitive data of your visitors.

  1. The access to the visitor recordings of your website is possible only after logging into your Smartlook account. To login you must know fill in the login credentials (email associated with the Smartlook account and the password).
  2. The data entered in form fields, which is marked as a password or “sensitive”, is not recorded, nor is it sent to the Smartlook server.
  3. We have created a tool that allows you to block any elements of your site that migh contain sensitive information.
  4. Communication between the Smartlook script on your web site and our server supports SSL / TLS (Secure Sockets Layer / Transport Layer Security). Likewise, the SSL / TLS secure communication is setup between the Smartlook servers and the Dashboard (the interface you use to access the recordings).

For more detailed information about data security see our Privacy Policy.