All Collections
Web tracking
⚖️ How to stay compliant with privacy regulations like GDPR and CCPA when using web tracking
⚖️ How to stay compliant with privacy regulations like GDPR and CCPA when using web tracking

If you're using Outfunnel's web tracking feature, follow these steps to stay compliant

Updated over a week ago

By using our services, you may consider whether it could pose a risk to the processing of personal data of your customers. This is why we have come up with this short guide explaining how to stay compliant with GDPR (General Data Protection Regulation) or CCPA (California Consumer Privacy Act) when using our services.

Our software uses cookies for tracking web visits. Cookies are small pieces of text sent to your browser by a website you visit. They help that website remember information about your visit, which can both make it easier to visit the site again and make the site more useful to you.

According to GDPR, you are the Controller of the personal data of your customers and since you share that information with us and we process it under your instructions, we are the Processor of such data. One of the duties of the controller is to notify the customers whose personal data you are processing through a privacy notice and also collect consent if you deploy cookies or similar technologies (including cookies) into their devices.

This is why we advise you to communicate Outfunnel in your privacy notice as a third-party service provider who also has access to personal data. You should also bring Outfunnel up in your cookie notice. Also briefly describe what our technology is used for and how long does our cookie persist in the customer’s browser.

This guidance has a purely informative meaning and does not carry any legal rights or duties.

Outfunnel Cookies

We use third-party marketing software Outfunnel in order to send our emails and manage our marketing campaigns. Outfunnel uses cookies as part of tracking, so we would have information on the effectiveness of various marketing activities. Outfunnel also tracks activity on the website.

How does it work?

We embed a cookies-based tracking code on our website. When visitors come to the website, a cookie is placed in the web browser and the tracking code sends information to Outfunnel about that visitor’s web activity. Outfunnel also tracks the opens of emails, clicks on any of the hyperlinks included, and other email activity.

What information does Outfunnel collect?

When tracking code is added to a page, Outfunnel automatically gathers the following information:

  • Page visits

  • Time of each page visit

  • IP Address

  • Referrer (Source, Medium)

  • User ID

  • Identification source

What cookies does Outfunnel deploy?

  • of.firstVisit - stores visitor lead source

  • of.lastPageviews - stores page view info

  • of.humanVerified - stores info if it's a human or a bot visit

  • of.humanVerified.event - event that was used to understand if it's a human

  • ofs - stores the session data, email of contact, time when was identified and how

  • of.cookiesSupported - this is to test if cookies are supported, if script can set this cookie value cookies are used.

The cookies expiry is indefinite.

Example of a clause about Outfunnel which could be added to your privacy notice

We use Outfunnel as our third-party service provider in order to create email distribution lists and manage marketing campaigns. Such processing is covered with a data processing agreement protecting your personal data.

💡Is it possible to block the script unless the user gives consent?

Outfunnel doesn't have a built-in solution for this at the moment. The web tracking script is always tracking activity.

However, if you're using a tool like CookieYes (for example) to manage your cookie policy, you can install Outfunnel's tracking code using Google Tag Manager and then follow a process like this one.

The above-mentioned process will allow you to block the Google Tag Manager script (Outfunnel's tracking code) if the user doesn't give explicit permission. This way, you'll know the script will only run when someone accepts the necessary cookies.

Did this answer your question?