Your rights under the General Data Protection Regulation, how we protect your privacy, and how to exercise your data subject rights.
Last updated September 22, 2025
GDPR gives you control over your personal data. Whether you're a website visitor being tracked by our analytics or a website owner using our service, you have specific rights about how your data is collected, used, and stored.
This page explains exactly what those rights are, when you might need to get consent from your visitors, and how we handle data processing to keep everything compliant.
When you use our analytics service, there are two key roles under GDPR. You (the website owner) are the data controller, which means you decide what data to collect and how to use it. We're the data processor, which means we handle the data according to your instructions.
This matters because as the data controller, you're responsible for getting consent when needed, handling visitor requests about their data, and making sure you have a legal basis for collecting analytics. We handle the technical processing and keep everything secure.
GDPR gives you several important rights over your personal data. These apply whether you're a visitor to a website using our analytics or a customer using our service directly.
| Right | Description |
|---|---|
| See your data | Want to know what data we have about you? Just ask. We'll send you everything we've collected and explain how we're using it. |
| Fix your data | If we have incorrect information about you, we'll fix it. Just let us know what needs to be corrected. |
| Delete your data | Want us to forget about you completely? We'll delete all your personal data immediately when you ask. |
| Pause processing | Need us to temporarily stop processing your data while we sort something out? We can put a hold on it until the issue is resolved. |
| Take your data | Moving to another analytics service? We'll give you all your data in a format that's easy to import elsewhere. |
| Object to processing | Don't want your data processed for certain purposes? You can object and we'll stop, unless we have compelling legal reasons to continue. |
In many cases, yes. Our default tracking doesn't use cookies and may be used under legitimate interest for basic analytics, depending on your use case and local requirements.
We also respect browser privacy signals. If a visitor has Global Privacy Control or Do Not Track enabled, our script won't send analytics events.
However, you'll need explicit consent (normally in the form of a consent banner) from EU visitors if you use any of these features:
| Feature | Consent Requirement |
|---|---|
| Persist mode | Sets cookies to track visitors across sessions. You'll need a consent banner before enabling persist mode. |
| Identify function | Collects personal information (name, email) and sets cookies. You'll need a consent banner before using the identify function. |
| Custom events | If you include names, emails, or other personally identifiable info in event properties, get consent first. |
As the data controller, you're responsible for handling requests from your website visitors about their data. The good news is we make this straightforward.
When visitors want to see what data we have about them, just forward their request to us and we'll provide everything we've collected. If they want their personal data deleted, send us their details and we'll remove it immediately.
For other requests like data corrections or restrictions, we'll work with you to handle them quickly. Most requests can be resolved within a few days.
Keep in mind that anonymous analytics data stays in place since it can't be linked back to specific individuals. We only delete data that's actually personal.
We handle the technical side of GDPR compliance so you can focus on your business. All data processing happens in the EU under strict data protection standards.
We maintain security measures, provide data when requested, delete data immediately when asked, and notify you of any issues. See our data policy for complete technical details.
If you're a website owner using our analytics service, you act as the data controller and have specific responsibilities under GDPR.
You must ensure you have a lawful basis for processing visitor data, obtain consent when required, and handle data subject requests from your visitors. We provide tools and guidance to help you maintain compliance.
When visitors exercise their GDPR rights regarding data collected on your website, you're responsible for forwarding these requests to us so we can process them appropriately.