Privacy center

Compliance-first visitor intelligence

The product separates raw tracking, company reveal, person resolution, and action logs so legal controls can be enforced at each layer.

Regional consent modes

EU/UK can disable person-level enrichment before consent. Global notice mode stays available for B2B-only deployments.

Suppression list

Email, domain, visitor ID, and company domain can be blocked from enrichment and downstream actions.

DSR workflow

Access, delete, and opt-out requests are modeled so the admin UI can be added without changing the data layer.

Vendor audit log

Every enrichment attempt is recorded with provider, endpoint, status, cache key, and credit cost.

Default operating policy

  • Never display recommended contacts as the exact visitor.
  • Hash IPs for retention and keep raw IP use limited to immediate enrichment.
  • Log vendor calls and action attempts for auditability and cost control.
  • Require DPA and subprocessor review before enabling production person-level vendors.