Capturly’s commitment to the GDPR
At Capturly we take your privacy very seriously. If your website or webapp has traffic from any EU or EEA country
then your website is probably affected by the GDPR legislation. The aim of this page is to inform you how Capturly
compliance to the GDPR legislation and what actions you made as a Data Controller if you are using Capturly.
If you are not familiar with GDPR, you can visit the official page for more information.
Capturly is fully committed to achieving compliance with the GDPR prior to the regulation’s effective date.
Please be aware that this site does not intend to fully prepare your company for GDPR, it only contains the
changes and requirements related to our service. We recommend you to consult your own legal counsel regarding the
GDPR compliance of your website or webapp.
What measures do you apply in order to honor the GDPR?
We automatically anonymize the IP Addresses of EU or EEA citizens.
We have an opt-out feature available for everybody. Enabling this feature, forbid Capturly to track the
user of the dedicated browser on any site.
No keystrokes are shown on recordings and heatmaps. We enable playback masking on all recordings in order
prevent user-typed from appearing on recordings and heatmaps.
We prepared with a code snippet which can be added to those pages where tracking shall be denied.
We never send data outside the region in which it is originally stored.
Privacy Shield is signed.
Encryption in Transit on all data.
Encryption at Rest on HTML data.
Note: Capturly was not designed to show how a specific identifiable person is using a website or a webapp. We
respect and apply the “Privacy by design” principle of the GDPR. The aim of Capturly is to understand the visitors’
experience and identify common issues and opportunities on your website or webapp.
What do Capturly Customers need to do?
Based on your country’s jurisdiction and situation, you might to verify two things. We recommend you to consult
your own legal counsel regarding the GDPR compliance of your website or webapp.
Please make sure to notify your users about the usage of Capturly on your website and or webapp in
If you are in European Union you’ll likely want to sign a Data Processing Agreement with us. You can
find our Data Processing Agreement here.
Can I request a Data Processing Agreement?
Of course, we ensure you to sign a Data Processing Agreement (DPA) with Capturly if your company is based in
the EU or you collect data from data subjects in the EU. The digitally signed DPA should be sent to [email protected],
we will countersign it and provide you a signed copy within 3 business days. The agreement needs to be signed
by the entity which effectively entered into the Terms of Service with Hotjar
Please consult with your legal counsel before signing the agreement!
How can I prohibit Session recording on a given page?
In order to do so, please add the following HTML code to the given page(s):
After the code is added, we won’t track the visitors’ behavior on the given site and no session recordings and heatmaps will be created for the page.
Where are your servers are located?
The servers of Capturly are located in data centers in the EU.
Does Capturly honor the Do Not Track function?
Yes, we automatically honor the Do Not Track function of the web browsers globally.
How can I deny to be tracked by Capturly?
You can found the opt-out function here. Please note that this option applies only to the current browser.
If you clear your cookies, browse in incognito mode, or use a different browser, then tracking will be enabled.
How do you ensure that my data is secured?
We regularly run vulnerability scans and penetration tests in order to keep our system up to date and secure.
Please feel free to email us at [email protected] if you have any further questions regarding data privacy.
Please note that Capturly, Inc. is not intended to provide legal advice. We recommend you consult your own legal counsel.