Data Privacy
Integr8 is built for performance marketers who operate across jurisdictions with active data protection laws. This page covers how Integr8 handles personal data and what compliance posture you can expect.
What Integr8 collects
When a click or conversion is processed, Integr8 logs the following data points:
| Data type | Example | Purpose |
|---|---|---|
| IP address | 192.168.1.x | Geo-targeting, fraud detection |
| User agent | Browser/OS string | Device targeting, fraud signals |
| Email address | user@domain.com | Conversion attribution |
| Transaction ID | txn_abc123 | Click-to-conversion matching |
IP address handling
By default, Integr8 stores the full IP address for fraud detection and geo-targeting. You can enable partial IP obfuscation to mask the last octet (e.g., 192.168.1.x) in reports and logs. This satisfies GDPR data minimization requirements for most use cases while preserving geo accuracy.
To enable IP obfuscation, see Data Privacy Features.
Email address handling
Email addresses passed via conversion postbacks are hashed before storage using SHA-256. Raw email addresses do not appear in reports or logs — only the hash is visible, and only to account Admins with the appropriate permission level.
GDPR compliance
Integr8 supports GDPR compliance through:
- Data minimization — obfuscate or exclude personal data fields you do not need
- Right to erasure — contact support@integr8.co to request data deletion for a specific user identifier
- Data processing agreement — available on request for EU-based accounts
- Data retention — configurable per account; default is 12 months for raw event logs
CCPA
For California-based operations, Integr8 supports opt-out of sale of personal data via a do_not_sell=1 parameter in your tracking links. When present, Integr8 excludes that click from any data sharing integrations.
Related
For step-by-step instructions on enabling specific privacy controls, see Data Privacy Features.