Request a Demo

See why 98% of our clients would recommend us.

Desktop On-site and Email Remarketing


 GDPR Content Hub

Whether you’re a reader, watcher or just prefer the visuals – we’ve got you covered.

This page is for general information only and does not constitute legal advice – please consult a lawyer for advice on a specific issue.
Last updated 9 July 2018


SaleCycle & GDPR.

Here at SaleCycle we’re aware of the impact GDPR has upon its, our clients and our clients’ customers.

Along with reviewing our own security measures to gain ISP 270001 compliance, we’ve been actively working with our clients, reviewing websites, privacy statements and privacy policies, and suggesting areas for improvement to help them to be GDPR compliant.

We’ve also built the Marketing Permission Service assist our clients in better managing their website visitors marketing permissions. Our solution is flexible and configured to specific client requirements in many different territories.

Whatever the size of your organisation, GDPR is essentially about trust. Building trusted relationships with the public will enable you to sustainably build your use of data and gain more value. Through changing their data handling culture, organisations can derive new value from customer relationships.

Steve Wood, Deputy Commissioner for Policy at the Information Commissioner’s Office

Frequently Asked Questions.

Got a question not covered here? Drop us a note at [email protected]

01 How does the SaleCycle Service work?

SaleCycle Javascript collects data about website visitors. When the Tag embedded in the webpage loads data is collected by customised hosted JavaScript (bespoke to that particular client’s website) and passed through the Application/Web Tier to the SaleCycle Database. The SaleCycle Database combines the data collected about each website visitor to create a ‘session’. Session data is then passed through a series of processes to determine which message should be displayed to the website visitor.

02 What data / variables do SaleCycle collect?

SaleCycle will collect and process two categories of data from your website. The first allows us to uniquely identify a website visitor (Browser information, IP address, Salutation, First Name, Last Name, Opt in status, Email, Address (Shipping and Billing), Phone Number). The second allows us to understand your visitors journey across your site (Basket ID / Order ID, Subtotal, Title, Currency, Discounts, Shipping, Items, Product ID, Client Product ID, URL, Single Item Price, Category, Tax etc.). This information is required for us to provide our service to you. We do not collect any bank or credit card information.

03 How do SaleCycle collect the data?

The SaleCycle JavaScript code sends the data using HTTPS ensuring that the data is encrypted in transit. The HTTPS certificate we use allows for the highest level of security in the widest range of browsers. We encrypt data using the TLS protocol and default to using the highest version of TLS supported by your visitors’ browsers.

04 Where is the data stored?

Browser-managed local storage caches some visitors’ data on their machines and this data is periodically sent to our servers. Locally stored data is not accessible by any other third party.
Customer data is stored two locations, our CoLo datacentre in London and within the AWS EU-West-1 Region (Dublin). Both locations are ISO 27001 accredited. We also conduct annual third party Penetration Tests on all SaleCycle production systems.
Access to data is restricted to authorised personnel only.

05 What do SaleCycle use the data for?

The personally identifiable data that we collect from your site is used only to provide the contracted SaleCycle service to you. We do not use it for any other purpose.

06 How long do SaleCycle hold the data for?

We hold personally identifiable data only for as long as is required and as a general policy we do not retain personally identifiable data for longer than six months. For transactions that can be claimed by SaleCycle for commissioning purposes, the conversion details may be retained longer to satisfy audit and accounting requirements.

07 Do SaleCycle share our data with other clients?

We do not share your customer data with any other clients. Even if two clients have a common customer, these are treated as separate customers and contact history, preferences etc. are maintained completely separately.

08 Do SaleCycle share the data with anyone else?

We only share personally identifiable information with trusted 3rd Parties to facilitate the service that you have contracted for. SaleCycle select these suppliers, or in the case of ESP’s, we are able to use your existing provider.

Where we use your ESP we will ensure we follow the same secure process you currently employ to send data to them. If you elect to use one of our vetted ESP partners, you can be assured we will follow security best practices.

See the following list of third party suppliers:

Digital Realty – Physical Hosting Data Centre Services
Amazon Web Services – Cloud Hosting, data processing and ESP
Qubole – Data Analysis Service
Google G-Suite – Corporate email solution and hosted file storage solution
Salesforce – CRM Software – used to support our Sales Process
Freshdesk – Helpdesk SAAS product

09 Can SaleCycle supply us with a copy of the data?

As per our privacy policy, on your written request we will (within 30 days of such a request being received) supply to you, details of the personal information which we hold about your website visitors. You must explain to us clearly the information you require. The means by which secure access is granted will depend on the volume of data to be transferred. Depending on the volume of data, we reserve the right to charge for this transfer.

10 How & when are customer records currently deleted?

Personal Data is held for a maximum of 6 months within our system and then deleted via scheduled jobs, retention policies or TTLs.


Marketing Permission Service

Keep your marketing campaigns compliant.

Not only can our Marketing Permission Service help to supercharge your SaleCycle campaigns but could also help you to manage compliance for your own marketing messages.

Learn More

Related Resources.

What Is GDPR and How Does It Affect You?

What is GDPR and why it matters for business.

Read Now

Source: SaleCycle Blog

General Data Protection Regulation

Numerous articles addressing GDPR.

Read Now

Source: ICO Blog

How Will GDPR Affect Non-EU Businesses?

SaleCycle’s Legal Counsel offers insights into GDPR.

Read Now

Source: SaleCycle Blog

Don’t Forget the PECR in Your GDPR Planning

How the legislation will affect marketers.

Read Now

GDPR – Sorting The Fact From The Fiction

Not everything you read or hear about the GDPR is true.

Read Now

Source: ICO Blog

Guidelines on Profiling and Breach Reporting

Published by The Article 29 Working Party.

Read Now

Source: ICO Blog

Evolution not Revolution

GDPR is an evolution in data protection, not a revolution.

Read Now

Source: ICO Blog

Setting the Record Straight

Fact vs Fiction on data breach reporting.

Read Now

Source: ICO Blog

The Truth About Consent

Consent is not the ‘Silver Bullet’ for compliance.

Read Now

Source: ICO Blog

Processing Legitimate Interest

Detailed guidance on the lawful basis for processing legitimate interest.

Read Now

Source: ICO

12 Steps to Take Now

This checklist highlights 12 steps you can take now to prepare for the GDPR.

Read Now

Source: ICO

Legitimate Interests

Can you rely on Legitimate Interests as a lawful basis for processing personal data?

Read Now

Source: Data Protection Network

Overview of the GDPR

Key themes of GDPR to understanding the new legal framework in the EU.

Read Now

Source: ICO

A Practical Guide

Understand customer profiling, processing and consent.

Read Now

Source: Opt-4 & BlueVenn

GDPR Checklist

Designed specifically for data controllers.

Read Now

Source: ICO

GDPR Checklist

Specifically designed for data processors.

Read Now

Source: ICO

Best Practices for Compliance

Learn how GDPR affects your company and best practices for data storage.

Watch Now

[Video Panel] GDPR: The Next 12 Months

Tips to making the next 12 months are as pain free as possible.

Watch Now

Balancing Experience with Privacy & Security

How can you still create engaging experiences for customers under GDPR.

Watch Now

How Will GDPR Affect Non-EU Businesses?
Reevoo Logo and Rating

Find out why 98% of SaleCycle clients would recommend us.