Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
ClickFunnels is a US sales funnel builder used to host landing pages, opt in pages, upsell flows and one click checkouts for info products, coaching and ecommerce. Pages run on ClickFunnels infrastructure, set funnel_session and contact identifier cookies and typically embed Facebook Pixel, Google Ads and Stripe scripts. As a hosted marketing funnel, it requires prior consent under the GDPR and the ePrivacy Directive.
ClickFunnels is a US sales funnel builder created by Russell Brunson in 2014. It hosts landing pages, opt in pages, upsell flows, membership areas and one click checkouts for digital products, coaching, online courses and ecommerce. Funnels run on ClickFunnels infrastructure under myclickfunnels.com or a custom domain pointed to ClickFunnels.
ClickFunnels pages set the funnel_session, _cfduid (Cloudflare anti bot) and contact_uuid cookies, plus typically third party Facebook Pixel and Google Ads cookies when those integrations are enabled. Form submissions, UTM parameters and Stripe transactions are stored on ClickFunnels servers.
ClickFunnels writes non strictly necessary cookies, tracks visitors across funnel pages and frequently loads third party advertising trackers, all of which require prior consent under Article 5(3) ePrivacy. Form submissions trigger GDPR processing of personal data on US infrastructure that needs an Article 6 legal basis (typically consent for marketing or contract performance for purchases).
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Because pages are hosted by ClickFunnels, you cannot easily install a third party CMP. Use the ClickFunnels custom code injection to add a CMP, disable Facebook Pixel and Google Ads integrations until consent is granted, and exclude European traffic from any tracker that cannot be gated. Consider point of sale double opt in for memberships.
ClickFunnels Inc. (Etison LLC) operates on AWS in the United States. The transfer must rely on the EU U.S. Data Privacy Framework or Standard Contractual Clauses signed in the ClickFunnels DPA, plus disclosure in the privacy policy.
Sign the ClickFunnels DPA, inject a CMP via custom code, disable Facebook Pixel/Google Ads tags by default, set retention on contacts and orders, document ClickFunnels Inc. as a processor with US transfer and update the privacy policy to mention the funnels, the cookies and the third party pixels.
Websites using ClickFunnels must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is recommended when ClickFunnels is used at scale with embedded ad pixels, lead enrichment via UTMs containing email or phone, or when sensitive products (coaching, health, finance) are sold to European audiences.
Sample consent text
Our sales funnel is hosted on ClickFunnels. With your consent, ClickFunnels will set cookies on your device, record your funnel steps and forward your interactions and form submissions to ClickFunnels Inc. in the United States. You can refuse or withdraw your consent at any time from the cookie settings.
Third-party domains contacted
myclickfunnels.comclickfunnels.comcf-resources-public.s3.amazonaws.comapp.clickfunnels.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| funnel_session | first_party | session | Stores the visitor's state inside a ClickFunnels funnel (current step, A/B variant) for the duration of the session. |
| _cfduid | third_party | 30 days | Cloudflare anti bot cookie set on funnel domains to mitigate automated traffic. |
| contact_uuid | first_party | 1 year | Persists a contact identifier to associate funnel events to the same lead across visits. |
| cf_affiliate_id | first_party | 90 days | Stores the affiliate referrer for ClickFunnels affiliate program attribution. |
ClickFunnels places tracking cookies for advertising — comply with GDPR using FlowConsent.
ClickFunnels sets the funnel_session, _cfduid (Cloudflare anti bot) and contact_uuid cookies on the funnel domain. Embedded Facebook Pixel and Google Ads tags drop their own third party cookies when enabled.
Yes. The cookies are not strictly necessary, the platform tracks visitors across funnel steps and frequently embeds advertising pixels, so prior consent is required under Article 5(3) ePrivacy.
Consent for cookies, profiling and marketing emails. Contract performance for paid orders. Legitimate interests can support fraud prevention but not the advertising side.
Yes. ClickFunnels Inc. (Etison LLC) operates on AWS in the US. The transfer relies on the EU U.S. Data Privacy Framework or Standard Contractual Clauses signed in the ClickFunnels DPA.
A DPIA is recommended at scale, with embedded ad pixels, lead enrichment via UTMs containing email or phone, or when sensitive products are sold to European audiences.
Sign the DPA, inject a CMP through custom code, disable Facebook Pixel and Google Ads by default, exclude EU traffic from non gateable trackers, set retention on contacts and orders.
Other funnel and landing page builders include Webflow (US, Webflow Cloud EU regions), Unbounce (Canada/US), Instapage, Systeme.io (France) or self hosted Cloudflare Pages with Stripe checkouts.
Add a section that names ClickFunnels, lists the cookies (funnel_session, _cfduid, contact_uuid) with purpose and duration, mentions the third party pixels enabled and discloses the transfer to ClickFunnels Inc. in the United States.