At Salespanel, we take data privacy and security very seriously. As a GDPR-compliant platform, we ensure that all data collection and processing activities are transparent, lawful, and aligned with your instructions as the data controller. Below, we answer three of the most common questions we receive from customers regarding our data collection methodology, purpose of use, and legal basis.
1. Data Collection Methodology
Salespanel acts strictly as a data processor. We only process data on behalf of our customers (the data controllers) when the Salespanel tracking code is installed on a website.
- When is data collected?
Data is collected during visitor interactions with your website (e.g., page views, browsing activity, form submissions) once appropriate consent has been provided. - Who manages consent?
Consent management lies with the controller. Salespanel integrates with your consent management solution to ensure data is only collected after valid consent is obtained in accordance with GDPR. - What data sources are involved?
Primarily website interactions and voluntarily provided inputs (e.g., form completions). There is no hidden or independent data collection beyond what is permitted by the controller and consented to by the visitor.
2. Purpose of Data Use
The personal data collected through Salespanel is used only for analytics, lead qualification, and attribution purposes.
- Lead Identification & Qualification: Tracking visitor activities to help identify and qualify potential leads.
- Journey Analytics: Understanding how prospects interact with website content and marketing assets.
- Attribution: Linking marketing touchpoints to business outcomes for accurate performance measurement.
Important notes:
- Data is used exclusively for internal business purposes and is never shared with advertising networks.
- Only first-party cookies are used.
- Data is stored in a fully encrypted environment with ECDSA Signature and SHA-256 for secure exchange.
- The default data retention period is 365 days, customizable based on your InfoSec or compliance needs.
- Visitors can withdraw consent at any time by contacting the controller or Salespanel directly.
3. Legal Basis
Salespanel’s data processing is aligned with GDPR and conducted under the following legal bases, depending on the controller’s implementation:
- User Consent – Collected only when valid consent is obtained via the controller’s consent management flow.
- Contractual Necessity – Processing that is necessary to provide the Salespanel service under customer agreements.
- Legitimate Interest – In certain cases, for website analytics and lead qualification, provided this does not override user rights.
Salespanel’s role as a processor is governed by our Data Processing Agreement (DPA), compliant with Article 28 of GDPR, and our public GDPR Compliance statement:
By following this methodology and framework, Salespanel ensures that all data collection and processing activities are transparent, secure, and legally compliant.