Hotjar was designed and built with privacy in mind. Our approach keeps end-user privacy at the center of what we do.
As the leading and most popular platform on the market, used on over 500,000 websites in 180+ countries, we believe we have a responsibility to offer tools and methods to safeguard data so that trust between website owners, prospects, and customers can be assured and maintained.
In 2018, we were excited to welcome the reinforcing elements of the GDPR. Our top priority is ensuring that our users and customers can use Hotjar in a GDPR-compliant manner and the data they collect with Hotjar is processed securely.
Our Visitor Lookup feature lets you quickly look up what data your site has collected for an individual visitor (the "data subject") through their email address and/or User ID, and allows you to give them access to view and delete all or part of their data.
Automatic suppression* can be set on all numeric-digits and email addresses in Session Recordings, Heatmaps, and Incoming Feedback screenshots, by activating on-page suppression. Suppression tags can be used to suppress specific elements including images on pages that contain personally identifiable information (PII), and all Form fields have automatic suppression set up for you.
*PII data is automatically anonymized on your end-user’s side so that data containing PII never reaches Hotjar’s servers for Heatmaps, Recordings, and Incoming Feedback.
All of our feedback tools have the ability to export data and download a file in either a csv or xlsx format.