ClickThrough currently only use Crazy Egg for heat mapping and not session recordings so we hold no keystroke data or need to change settings in Crazy Eggs GUI. Crazy Egg have this information on their site so far on GDPR which looks a little behind some of the other visual intelligence companies:
We at Crazy Egg have two sets of responsibilities:
- As a Data Processor: When a customer installs Crazy Egg on their website, they become a Data Controller sending us, the Data Processor, data about their visitors.
- As a Data Controller: We also have a set of responsibilities for EU customers using our website directly.
With this in mind, we will be:
- Updating our Terms of Service and Privacy Policies with a Data Processing Agreement embedded within
- Anonymizing IP Addresses
- Developing even more advanced searches for PII in our User Recordings
- Masking and blocking out elements that could contain PII
- Providing a way for Crazy Egg account administrators to easily and permanently delete data, records, and files
Rest easy, the Snapshots we take of your websites are filled with aggregated and anonymized data.
According to this they will be anonymizing IP addresses before May 25th but we will remove Crazy Egg from our clients sites via GTM if they have not complied in time.
Crazy Egg also advise providing an opt in functionality for your websites tracking.so that people know they are being tracked.