Supademo Docs
Ask or search…

General Security

To see our full policy on data security and policy (including GDPR), please visit

Our Approach to Privacy and Security

By default, both internal and external tracking (i.e. Supademo metrics, Google Analytics) are removed from a Supademo when it is accessed through an embed (iFrame) on an external site. An embedded Supademo does not collect any personal information or data that could identify the end customer. This includes names, emails, or IP tracking information.
Tracked events such as the number of views, hotspot clicks, or CTA clicks, are fully anonymized and can not be used to identify the end user.

Tracking for external iFrames and Embeds

To comply with GDPR, companies must obtain user consent before using cookies on their websites. This is typically done through a small UI element that notifies the user that cookies are being used. When Supademo is embedded, it tracks user interactions such as hotspot or CTA clicks to generate data for its Analytics dashboard.
However, when Supademo is embedded as an iframe, it cannot automatically inherit the host website's consent settings. Asking for multiple consents would result in a poor user experience as multiple consent requests would be needed (one for the website and one for each embedded demo).

GDPR and Data Privacy

Personal Data
Supademo does not collect Personal Information indiscriminately. We limit the type of Personal Information and the amount of Personal Information to what is necessary to fulfill the purposes identified in our Privacy Policy. Overall, we aim to minimize any data that we collect and process.
Security and Privacy
As an organization, Supademo has implemented technical and organizational measures such as encryption, access controls, and data backups to ensure security.
Data privacy and security measures are implemented throughout the entire development and cloud storage process, from the initial design to the final deployment stage.
Your data is stored in the United States and is encrypted with industry-leading cloud vault standards. Supademo has a data protection officer that oversees GDPR compliance. To connect with the data representative, please email [email protected].
Access to Data
Supademo users have the ability to access their personal data, which they can request to download or delete at any time. Deletion requests are executed within 30 days of the initial request.