Hotjar was designed and built with privacy in mind. We created a service to help understand and interpret user behavior anonymously, without personally identifying individual users.
Our ‘privacy by design’ approach keeps end-user privacy at the center of what we do. We believe we have a responsibility to safeguard privacy and support anonymity in user behavior analysis, so that trust between website/app owners, prospects, and customers can be assured and maintained.
We’re excited to welcome the reinforcing elements of the GDPR. Our top priority is ensuring that our users and customers can use Hotjar in a GDPR-compliant manner and the data they collect with Hotjar is processed securely.
Our Visitor Lookup feature lets you quickly lookup what data your site has collected for an individual visitor (the "data subject") through their email address, and allows you to give them access to view and delete all or part of their data.
Automatic suppression* can be set on all numeric-digits and email addresses in Session Recordings, Heatmaps and Incoming Feedback Screenshots, by activating on-page suppression. Suppression tags can be used to suppress specific elements on pages that contain Personally identifiable information (PII), and all Form fields have automatic suppression setup for you.
*PII data is automatically anonymized on your end-user’s side so that data containing PII never reaches Hotjar’s servers
All of our feedback tools have the ability to export data and download a file in either a csv or xlsx format.
Our feedback tools give you the option to clearly ask for consent whenever personally identifiable information is shared through a Poll, Recruiter, or Incoming Feedback widget in order to link your feedback responses with their associated session recordings which can also easily be withdrawn through our Visitor Lookup feature.