Here are the most common questions we receive about Compliance.
- Does Hotjar have appropriate procedures to destroy/delete personal data after an appropriate time period?
- Does Hotjar have a Data Protection Officer (DPO)?
- Does Hotjar ever transfer any personal data collected through its service outside of the EEA?
- Does Hotjar have any sub-processors?
- Does a written agreement exist between Hotjar and each of its sub-processor(s) where personal data is/will be disclosed to, or otherwise processed by, such sub-processor(s)?
- Is compliance with legal/regulatory standards regularly monitored and kept up-to-date?
Does Hotjar have appropriate procedures to destroy/delete personal data after an appropriate time period?
Yes - please see our Data Retention Policy which sets out how long we hold data and when we delete it.
Does Hotjar have a Data Protection Officer (DPO)?
Yes - Hotjar has appointed a DPO to ensure that Hotjar processes all personal data it collects in compliance with the GDPR. You may contact Hotjar’s DPO at dpo@hotjar.com.
Does Hotjar ever transfer any personal data collected through its service outside of the EEA?
You can learn more about this by looking at our Data Storage page.
Does Hotjar have any sub-processors?
We have a list of all sub-processors appointed by Hotjar.
Does a written agreement exist between Hotjar and each of its sub-processor(s) where personal data is/will be disclosed to, or otherwise processed by, such sub-processor(s)?
Yes, Hotjar has a Data Processing Agreement in place with all of its sub-processors. Where required, Hotjar has also signed Standard Contractual Clauses (where applicable) with its sub-processors and has ensured that supplementary measures have been put in place (where applicable) by these sub-processors to ensure that all data is processed to the highest standards. You can learn more about this by looking at our Data Storage page.
Is compliance with legal/regulatory standards regularly monitored and kept up-to-date?
Yes - our Compliance Team regularly monitors our compliance/legal/regulatory commitments and where required, update and modify.