By using our services, you may consider whether it could pose a risk to the processing of personal data of your customers. This is why we have come up with this short guide explaining how to stay compliant with GDPR (General Data Protection Regulation) or CCPA (California Consumer Privacy Act) when using our services.
According to GDPR, you are the Controller of the personal data of your customers and since you share that information with us and we process it under your instructions, we are the Processor of such data. One of the duties of the controller is to notify the customers whose personal data you are processing through a privacy notice and also collect consent if you deploy cookies or similar technologies (including cookies) into their devices.
This is why we advise you to communicate Outfunnel in your privacy notice as a third-party service provider who also has access to personal data. You should also bring Outfunnel up in your cookie notice. Also briefly describe what our technology is used for and how long does our cookie persist in the customer’s browser.
This guidance has a purely informative meaning and does not carry any legal rights or duties.
Example of a clause about Outfunnel which could be added to your cookie notice
How does it work?
We embed a cookies-based tracking code on our website. When visitors come to the website, a cookie is placed in the web browser and the tracking code sends information to Outfunnel about that visitor’s web activity. Outfunnel also tracks the opens of emails, clicks on any of the hyperlinks included, and other email activity.
What information does Outfunnel collect?
When tracking code is added to a page, Outfunnel automatically gathers the following information:
Time of each page visit
Referrer (Source, Medium)
What cookies does Outfunnel deploy?
of.firstVisit - stores visitor lead source
of.lastPageviews - stores page view info
of.humanVerified - stores info if it's a human or a bot visit
of.humanVerified.event - event that was used to understand if it's a human
ofs - stores the session data, email of contact, time when was identified and how
of.cookiesSupported - this is to test if cookies are supported, if script can set this cookie value cookies are used.
The cookies expiry is indefinite.
Example of a clause about Outfunnel which could be added to your privacy notice
We use Outfunnel as our third-party service provider in order to create email distribution lists and manage marketing campaigns. Such processing is covered with a data processing agreement protecting your personal data.
💡Is it possible to block the script unless the user gives consent?
Outfunnel doesn't have a built-in solution for this at the moment. The web tracking script is always tracking activity.
The above-mentioned process will allow you to block the Google Tag Manager script (Outfunnel's tracking code) if the user doesn't give explicit permission. This way, you'll know the script will only run when someone accepts the necessary cookies.