General Data Protection Regulation (GDPR)
Yes, Clicky is GDPR compliant!
The General Data Protection Regulation (GDPR) is an European Economic Area
("EEA") law on data protection and privacy for all individuals within the EEA. This law went into effect May 25, 2018, and aims primarily to give control to citizens and residents over their personal data by requiring they "opt in" before having any personal data sold or tracked, and granting them the right to view and/or delete all personal data in possession by any company, with some exceptions. It also addresses the export of personal data outside the EEA.
The GDPR extends the scope of EEA data protection law to all foreign companies processing data of EEA residents. It provides for a harmonization of the data protection regulations throughout the EEA, thereby making it easier for non-European companies to comply with these regulations.
In other words, the law protects every EEA citizen when they visit your web site, no matter where you, your web site, or your business is located. Hence, our default privacy settings are strict and the only "personal data" logged by default is a randomly generated Unique ID (UID) stored in a cookie.
GDPR considers a UID to be "personal data", even though it does not identify who you are or reveal anything else about you. However, per Article 6 of the GDPR, use of this cookie does not require a visitor's direct consent because it is "necessary for the purposes of the legitimate interests" of a web site using the service (knowing how many unique visitors access a site is a vital statistic and hence a "legitimate interest").
We are not lawyers and this is not legal advice. Consult your attorney.