GDPR, cookies and data residency
LeadOcto on rakennettu EU edellä: EU-isännöity, evägetön tila saatavilla, Do Not Track huomioidaan.
LeadOcto is a European company under the GDPR. Every default biases toward storing less, encrypting more, and giving you and your visitors control. Here are the specifics.
EU hosting
Customer data is stored in the EU by default. We do not replicate it outside the EU.
Cookieless mode
Switch on cookieless mode in the widget's advanced settings. The widget then uses session storage instead of cookies, which means you do not need a consent banner to load it under strict EU rules. The trade-off is that visibility analytics reset when the tab closes.
Do Not Track
If a visitor's browser sends a Do Not Track signal and you keep Honour DNT enabled, we skip all analytics events for that session. The widget still works, the visitor can still talk to you, we simply do not count them.
Retention
- Lead messages are kept while your account is active and deleted within 30 days of account closure.
- Analytics events roll on a 13-month window.
- Soft-deleted widgets have a short grace period, then are permanently removed.
Data Processing Agreement
A signed Data Processing Agreement is available for every paid account from your account settings. If your legal team needs custom clauses, contact our support.
GDPR-compliant by default
You do not have to configure anything to be compliant. The defaults are already the compliant choice.
