# GDPR Compliance

Storylane is GDPR compliant and our DPA is available in the Storylane [Trust Center](https://trust.storylane.io/).

### 👉 **Can Storylane Demos Withhold Tracking Until Consent is Granted?**

To meet [GDPR requirements](https://gdpr.eu/what-is-gdpr/), Storylane offers options to manage tracking based on user consent. When a demo is embedded on a website that requires consent to track cookies, Storylane’s setup allows tracking to be paused until the user gives consent.

Storylane’s tracker uses cookies to understand user interactions within demos. While no personally identifiable information (PII) is collected, these cookies provide insights into user behavior, which is considered personal data under GDPR.

Websites that require cookie consent will display a user interface (UI) element prompting visitors to accept or decline cookies. This UI component can vary in complexity, offering users choices regarding analytics, marketing, or other tracking categories.

{% hint style="info" %}
Applies only to embedded demos. Direct demo links (Storylane URLs) are tracked normally.
{% endhint %}

### 👉 **Storylane’s Approach to “Do Not Track”**

Storylane provides an option to disable tracking until a user consents to cookie use on the host website. By default, user activities such as clicks and navigation within Storylane demos are recorded to deliver analytics to our customers. However, we recognize that in certain cases, users might want to limit tracking until consent is explicitly granted.

**Steps to Enable Do Not Track**:

<figure><img src="https://2431356420-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FN8hWd9k2Pbb6YSWO4pUQ%2Fuploads%2FQyZ7h9mYpPEIRfi63Kfk%2Fimage%20(25).png?alt=media&#x26;token=b8a3ec4a-22aa-40d9-8d4f-0d881b7b0c88" alt=""><figcaption></figcaption></figure>

1. In your Storylane account, navigate to the “Settings” page, then "Workspace", lastly "Config".
2. Toggle the **Disable Tracking on Demos** option to prevent tracking without explicit consent.
3. Once enabled, no user activity within Storylane embedded demos will be recorded until the user approves tracking.

This option is available on all Storylane plans.

### 👉 **Implementing User Consent for Tracking in Storylane Demos**

If your website requests users' consent for cookie usage, Storylane can honor this consent once it is granted. However, enabling this feature requires a small code snippet on your website to communicate the consent status to embedded Storylane demos.

#### **Sequence Diagram of How This Works:**

* The user interacts with the Site and sees a cookie consent banner.
* If the User approves, the Site sends consent approval to Storylane via a postMessage event.
* Storylane receives the message and begins tracking user interactions within the demo.

<figure><img src="https://2431356420-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FN8hWd9k2Pbb6YSWO4pUQ%2Fuploads%2F8frYEj9SRynenuCPmpvK%2Fimage%20(26).png?alt=media&#x26;token=a9830c6d-05c2-43eb-8c6a-74443b258510" alt=""><figcaption></figcaption></figure>

### 👉 **Code Snippet for Consent Communication**

To inform Storylane that consent has been provided, insert this JavaScript after the user consents:

```javascript
<script>
window.addEventListener('message', e => 
  e.data?.message === 'storylane-demo-event' && 
  e.source?.postMessage({message: 'storylane-cookie-consent'}, e.origin)
);
</script>
```

When this code executes, all interactions within Storylane demos are sent to the analytics server only if consent has been granted.

### 👉 **Data Security and Privacy Standards**

Storylane applies advanced security practices to protect all user data:

* Data Encryption: All data is encrypted during transmission and storage.
* Access Control: Access to personal data is limited to authorized personnel only.
* Regular Audits: Our systems undergo regular security audits to maintain GDPR compliance and data integrity.

### 👉 **Contact for GDPR Compliance and Support**

If you have questions about GDPR compliance or need help managing consent in Storylane demos, please contact us via <privacy@storylane.io>.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.storylane.io/trust-and-security/gdpr-compliance.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.