Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Fomo is a social proof marketing tool that displays popups about recent purchases, sign ups or live visitor activity on a merchant site. Its JavaScript widget loads from fomo.com, sets fomo_uid cookies, captures impression and click events and may display personal data of past customers (first name, city) extracted from the merchant's ecommerce backend. As a marketing widget with cross site tracking and US transfers, it requires prior consent under the GDPR and ePrivacy Directive.
Fomo (now part of Justuno) is a social proof marketing tool launched in 2016. It displays small popups in the corner of an ecommerce site to notify visitors about recent purchases, sign ups, downloads or live activity. Fomo integrates with Shopify, WooCommerce, Magento, BigCommerce, Stripe and Zapier, and is widely used by direct to consumer brands to boost conversion.
The Fomo widget writes the fomo_uid cookie on the merchant domain to recognise repeat visitors and to deduplicate notification displays. Impression and click events are forwarded to Fomo servers. The popup content itself often contains personal data of past customers, such as first name and city, fetched from the merchant''s order data.
The fomo_uid cookie is not strictly necessary; Article 5(3) ePrivacy requires prior consent. The display of past buyers'' first name and city is processing of personal data under the GDPR and needs an Article 6 legal basis. Even when first name and city alone do not identify a single person, the combination with the product purchased, the time of purchase and the merchant context can become identifying.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Block the Fomo widget through your CMP until consent is granted. Apply data minimisation: configure Fomo to display only an initial of the first name, no last name, no exact city for small areas, and to respect a customer opt out (do not display their order). Capture clear customer consent at checkout to be quoted in social proof notifications.
Fomo is operated by Justuno Inc. on AWS in the United States. The transfer of visitor and customer data must rely on the EU U.S. Data Privacy Framework or Standard Contractual Clauses signed in the Fomo DPA, with disclosure in the privacy policy.
Sign the Fomo / Justuno DPA, gate the widget on a CMP signal, configure data minimisation, capture social proof consent at the order step, set retention on impression events and document the US transfer in the privacy policy and the records of processing.
Websites using Fomo must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA can be relevant when Fomo notifications display first name and city of recent buyers (which may identify them, especially in small towns), when integrations push detailed order data to Fomo or when behavioural retargeting is configured.
Sample consent text
We use Fomo to display social proof notifications. With your consent, Fomo will set tracking cookies on your device, log displayed events and transfer the data to Fomo / Justuno Inc. in the United States. You can refuse or withdraw your consent at any time from the cookie settings.
Third-party domains contacted
load.fomo.comfomo.comapi.fomo.comcdn.fomo.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| fomo_uid | first_party | 1 year | Visitor identifier set by the Fomo widget on the merchant domain to recognise repeat visitors and prevent showing the same notification multiple times. |
| fomo_session | first_party | session | Session identifier used by Fomo to attribute impressions and clicks to a single visit. |
Fomo places tracking cookies for advertising — comply with GDPR using FlowConsent.
The Fomo widget writes the fomo_uid cookie on the merchant domain to recognise repeat visitors and deduplicate notifications, plus a session cookie used for impression tracking.
Yes. The cookie is not strictly necessary, the widget tracks visitors and the popup content can include personal data of past customers, so prior consent is required under Article 5(3) ePrivacy and Article 6(1)(a) GDPR.
Consent for the widget cookies and the display of personal data of past customers in popups. Order processing for past customers relies on contract performance, but the social proof reuse needs an additional consent at checkout.
Yes. Fomo runs on Justuno Inc. AWS infrastructure in the United States. The transfer relies on the EU U.S. Data Privacy Framework or Standard Contractual Clauses signed in the Fomo DPA.
A DPIA can be relevant when popups display first name and city of recent buyers, especially in small towns where this can identify them. It is also recommended when integrations push detailed order data to Fomo.
Sign the Fomo DPA, gate the widget on a CMP signal, configure data minimisation (initials, no exact city), capture social proof consent at checkout, set retention on impression events and disclose the US transfer in the privacy policy.
Other social proof tools include ProveSource (Israel), Notify (UK) or self hosted social proof scripts that pull anonymised data from your own backend without third party processors.
Add a section that names Fomo, lists the fomo_uid cookie with purpose and duration, mentions the display of customer data in popups and discloses the transfer to Fomo / Justuno Inc. in the United States.