LeadOcto
Privacy & GDPR

GDPR, cookies and data residency

LeadOcto on rakennettu EU edellä: EU-isännöity, evägetön tila saatavilla, Do Not Track huomioidaan.

4 min read Updated 1 week ago Octo

LeadOcto is a European company under the GDPR. Every default biases toward storing less, encrypting more, and giving you and your visitors control. Here are the specifics.

EU hosting

Customer data is stored in the EU by default. We do not replicate it outside the EU.

Cookieless mode

Switch on cookieless mode in the widget's advanced settings. The widget then uses session storage instead of cookies, which means you do not need a consent banner to load it under strict EU rules. The trade-off is that visibility analytics reset when the tab closes.

Do Not Track

If a visitor's browser sends a Do Not Track signal and you keep Honour DNT enabled, we skip all analytics events for that session. The widget still works, the visitor can still talk to you, we simply do not count them.

Retention

  • Lead messages are kept while your account is active and deleted within 30 days of account closure.
  • Analytics events roll on a 13-month window.
  • Soft-deleted widgets have a short grace period, then are permanently removed.

Data Processing Agreement

A signed Data Processing Agreement is available for every paid account from your account settings. If your legal team needs custom clauses, contact our support.

GDPR-compliant by default

You do not have to configure anything to be compliant. The defaults are already the compliant choice.