Your privacy & Hotjar

From day one, Hotjar was designed and built with privacy in mind. We wanted to help our customers improve their websites and create better user experiences, while keeping privacy at the core of our software—and we’ve been doing it since 2014.

Today, Hotjar is used on over 500,000 websites in 180+ countries. We believe we have a responsibility to set the example and protect not just the privacy of our customers, but also that of the people who visit their websites—in other words: you.

Improving websites, for you.

Online businesses use Hotjar to create better website experiences.

Nobody wants to waste their time on a website that is confusing and hard to navigate.

You know it, we know it, and website owners know it too—which is why they turn to Hotjar.

Website owners use Hotjar to better understand user behavior: what actions people take on a website, what elements of a page they click or ignore, what they enjoy, where they struggle. With this insight, website owners can then make changes that improve the overall experience for all website users. And that includes you.

We record interactions, not your sensitive data.

Hotjar is designed for websites to get insights. And respect your privacy.

When you browse a website that has Hotjar installed, we collect data about your interactions (e.g. where you click, scroll your mouse, move in between pages) and use it to create visual representations of the experience. Website owners get these insights without tracking IP/MAC addresses-- the stuff that relates to the device you use.

Some Hotjar tools, like session recordings, reconstruct the individual actions you took during a website visit; others, like heatmaps, aggregate data points from you and hundreds of other visitors in one report.

But in all cases, by default, sensitive data that you might enter on the site (your credit card details or phone numbers) will never reach our servers: we cannot see it, and neither can the website owner. Hotjar customers viewing a session recording will only see asterisks (‘***’ ) instead of numbers.

For more information, head over to our Privacy FAQs.

We will never share or sell your data.

Not to advertisers. Not to third-party services. Not to anyone.

Nobody here at Hotjar likes the idea of tools following us around different websites or companies sharing and selling our data without our permission. We are committed to making sure this doesn’t happen to you, either.

Hotjar is designed to help make websites easier to use, and the data we track about your website visit (for example, what and where you click) is only used for this purpose. We don’t follow you around the Internet: website owners who use Hotjar cannot see or find out about your activity on sites they don’t own. Likewise, we don’t harvest personal data or sell it to anyone, ever, for any reason. Nor do we mine it for profiling or advertising purposes.

To learn more about data privacy, head over to our Privacy FAQs.

Request and access your data, anytime.

Your data is stored securely, and you can ask to see it whenever you want.

As a website visitor, you have the right to request access to the personal identifiable information a website owner collected and stored about you. You also have the right to request that this information is deleted.

At any time, you can request a website owner who uses Hotjar to give you access to your data. They can run a search for personal data from inside the Hotjar dashboard; the system will then generate and email you a report that lets you view, and delete, any data connected with you.

To learn more about data privacy and accessing your data, head over to our Privacy FAQs.

Tracking: we'll always give you options.

If you prefer websites not to track data about your visit, we can help.

If you prefer websites not to track data about your visit, we can help.

If you want to stop a website using Hotjar from collecting data about your visit, you should know that the website owner is responsible for getting your consent to collect and process data about your visit (and must allow you to withdraw that consent as well).

But we understand that you might want Hotjar (and other tools) to not process data about you regardless of whether a site owner asks for permission or not, so we want to give you an extra option. If you put a ‘Do Not Track’ flag on your browser, Hotjar will look for it before we collect any data about your site visit. Not everybody does that, but we do.

For more information about this take a look at our guide on how ‘Do Not Track’ in your browser works.

Compliance commitment: GDPR, CCPA, and more.

Our customers can use Hotjar in a compliant manner, for you.

We have followed a ‘privacy by design’ approach since our very first day, back in 2014, so we’re big supporters of privacy acts and regulations like the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the Lei Geral de Proteção de Dados (LGPD) that enhance your privacy rights and protection as a consumer.

We have built the necessary controls around anonymity and consent to make sure website owners who use Hotjar can do it in a compliant manner. Plus, our legal team is fully committed to keeping up-to-date with any changes in the law and making sure they are reflected in our product.

You can read more about GDPR, CCPA, LGPD, and our other commitments over in our Compliance resources.

Questions? We’ve got you covered.

From FAQs to in-depth resources - our help center has everything you need to know about Hotjar relating to privacy, compliance, legal, and security.

Take me there