All Collections
Security & Privacy
What data does Chameleon collect and why
What data does Chameleon collect and why

Chameleon doesn't collect personally identifiable data by default

Pulkit Agrawal avatar
Written by Pulkit Agrawal
Updated over a week ago

If you're looking for information about what analytics are available within Chameleon, then read this.

As part of the EU GDPR (read more about how Chameleon is compliant here) organizations are required to provide a clear lawful basis for processing personal data. 

Chameleon collects personal data, such as email address (when signing-up for the service here) to enable Chameleon to uniquely identify customers and help them access their account, and all data associated with it. The basis of this is legitimate interest to help Chameleon deliver it's core service. 

Chameleon also collects other personal data, on the basis of consent, to provide interest people more information about Chameleon's product and other related and relevant content. Examples of this include:

  • Phone number (if requesting a demo here)

  • Email address (when subscribing to our blog here)

Chameleon also collects cookie information about users to help identify them to other services. Learn more about which vendors Chameleon uses, their GDPR compliance, privacy terms and opt-outs here

Chameleon is GDPR compliant and offers customers their individual rights to access, delete and modify their data etc. You can learn more information about how to do that here

Customers can send Chameleon data about their users, to help show more targeted and relevant content, and to assess which users engaged with Chameleon tours. The legal basis for Chameleon processing this data is legitimate interest (to help provide Chameleon's service). 

To learn how to send user data to Chameleon please read this

Chameleon helps customers fulfill their obligations to their users, by offering various methods to access, delete and modify this data. You can learn more information about how to do that here.

Chameleon does not collect any personal data of end users by default. When the Chameleon code snippet is loaded on a customer's software page, the only data Chameleon obtains by default is user agent  and URL

When using a button "action" to fire a click on an element, Chameleon also collects CSS selector  information to better identify the specific element. Learn more about this here

To learn how to send user data to Chameleon please read this.  

As per GDPR's recommendations, Chameleon has completed a Data Protection Impact Assessment to help us identify and minimize data protection risks within our systems. 

Cookies: Chameleon does not use cookies for any accounts created after Oct 2022, for accounts created before this time we use cookies for accounts that use Tour shortlinks (a now-deprecated feature that generated a short link i.e. A Tour shortlink triggers a Chameleon Experience on page load. Contact us if you're unsure if your account is using Tour shortlinks.

localStorage: Local storage is used in three main ways (all are essential to the function of Chameleon).

  • First, localStorage is used to keep track of progress through a Chameleon Experience in order to manage state across different tabs and browsing sessions (i.e. which step of a multi-step Tour).

  • Second, for the temporary storage of "not yet synced" data about the performance of a Chameleon Experience (the Microsurvey response you selected or the button you clicked on).

  • Third, localStorage is used to know which user is currently identified to Chameleon. This allows Chameleon to know when the identified user is changed in order to clear the Chameleon keys in localStorage.

Chameleon uses the practice of data minimization to only track and store data essential to the function and performance of your Chameleon Experiences.

More information

You can learn more in the following places, although these are currently being updated to comply with the GDPR regulations by May 25, 2018.

Did this answer your question?