TraceVisitor logoTraceVisitor

GDPR Compliance

Last updated: May 15, 2025

At visitorTraq, we are committed to ensuring the privacy and protection of your data in compliance with the General Data Protection Regulation (GDPR). This page outlines our approach to GDPR compliance and how we help our customers meet their GDPR obligations.

Our Role Under GDPR

Under GDPR, visitorTraq acts as both a data controller and a data processor:

  • Data Controller: We are a data controller for the personal data we collect about our customers and website visitors for the purpose of providing our services, managing accounts, and marketing.
  • Data Processor: We are a data processor for the personal data we collect and process on behalf of our customers (the data controllers) through our analytics service.

How We Help You Comply with GDPR

As a provider of website analytics services, we understand that our customers need to comply with GDPR when collecting data about their website visitors. Here's how we help:

  • Data Processing Agreement (DPA): We offer a GDPR-compliant Data Processing Agreement that outlines our responsibilities as a data processor and your rights as a data controller.
  • IP Anonymization: Our service includes the option to anonymize IP addresses, which helps reduce the identifiability of your visitors' data.
  • Cookie Consent: We provide tools to help you obtain and manage cookie consent from your website visitors.
  • Data Subject Rights: We offer features that help you fulfill data subject requests, including access, rectification, and erasure of personal data.
  • Data Retention Controls: You can set custom data retention periods to ensure you only keep personal data for as long as necessary.
  • Data Security: We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.

Our GDPR Compliance Measures

We have implemented several measures to ensure our own compliance with GDPR:

  • Data Protection Officer (DPO): We have appointed a DPO who is responsible for overseeing our data protection strategy and implementation.
  • Data Protection Impact Assessments (DPIAs): We conduct DPIAs for new products, features, or processing activities that may involve high risk to individuals' privacy.
  • Staff Training: Our team members receive regular training on data protection and privacy best practices.
  • Data Breach Procedures: We have established procedures for detecting, reporting, and investigating personal data breaches.
  • International Data Transfers: We ensure that any transfers of personal data outside the EEA are protected by appropriate safeguards.

Your Responsibilities

While we provide tools and features to help you comply with GDPR, as a data controller, you are responsible for:

  • Providing clear and transparent privacy notices to your website visitors
  • Obtaining valid consent where required
  • Responding to data subject requests within the required timeframe
  • Ensuring you have a legal basis for processing personal data
  • Reporting data breaches to the relevant supervisory authority when necessary

Contact Our DPO

If you have any questions about our GDPR compliance or how we can help you meet your GDPR obligations, please contact our Data Protection Officer at dpo@visitortraq.com.