Visão Geral
CrazyEgg is a website optimisation tool that provides heatmaps, scroll maps, click reports, and session recordings to help organisations understand how users interact with their web pages. It captures detailed interaction data including mouse movements, click positions, and scroll depth, which is visualised through overlay reports on page screenshots. CrazyEgg is often deployed by marketing and UX teams seeking quick visual insights without the complexity of full analytics platforms. Like all session recording tools, it carries elevated data protection risk because it can inadvertently capture personal data displayed on screen or entered into form fields.
Capacidades de Detecção
- Signature count
- 2
- Detection methods
- network
Impacto no Desempenho
Impacto no Desempenho
- Tamanho do script
- 20 KB
- Requisições por página
- 2
Erros Comuns
- 1 Deploying CrazyEgg without explicit consent, treating it as a basic analytics tool when session recordings and heatmaps constitute more intrusive data processing
- 2 Not configuring input field masking, allowing CrazyEgg to capture sensitive data entered into forms such as passwords, payment details, and personal information
- 3 Failing to conduct a data protection impact assessment before deployment, which is typically required for session recording tools under GDPR Article 35
- 4 Running CrazyEgg on all pages including those displaying sensitive data (account balances, health information, personal details) without page-level restrictions
- 5 Not informing users about session recording in the privacy notice, violating GDPR transparency requirements
Considerações de Conformidade
CrazyEgg sets first-party cookies and transmits interaction data including mouse movements, clicks, and scroll behaviour to CrazyEgg servers in the United States. Session recordings can capture personal data visible on screen, making this a higher-risk processing activity under GDPR. European DPAs generally consider session recording tools to require explicit consent under the ePrivacy Directive, as they go well beyond what is strictly necessary for providing the service. Organisations should ensure CrazyEgg is blocked until explicit consent is granted, configure comprehensive input field masking, restrict recording to non-sensitive pages, and conduct a DPIA before deployment. Data transfers to the US should be assessed against the EU-US Data Privacy Framework requirements.
Serviços Relacionados
Fullstory
High Fullstory
Digital experience analytics platform providing session replay, heatmaps, and event analytics. Captures user interactions including clicks, scrolls, and form inputs to analyse user behaviour and identify friction points.
1 assinatura de detecção
Glassbox
High Glassbox
Digital experience analytics platform providing session replay, interaction maps, and struggle detection. Captures user sessions to identify UX issues, conversion blockers, and application errors across web and mobile.
1 assinatura de detecção
Hotjar
High Contentsquare (Hotjar)
Behaviour analytics platform providing session recordings, heatmaps, and on-site surveys. Captures mouse movements, clicks, scrolls, and form inputs in real time. Now part of Contentsquare. Among the highest-risk analytics tags - session recordings can inadvertently capture sensitive personal data displayed on screen.
6 assinaturas de detecção
LogRocket
High LogRocket
Session replay and product analytics platform. Records user sessions including DOM changes, network requests, and console logs. Provides error tracking, performance monitoring, and user journey analysis.
1 assinatura de detecção
Precisa de ajuda para governar CrazyEgg?
Nosso diagnóstico de governança identifica lacunas de conformidade em todo o seu conjunto de tags.
Inicie seu Diagnóstico de Governança