Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Funnelytics is a marketing analytics platform that lets growth teams map sales funnels, track each step (landing pages, opt ins, checkouts, upsells) and visualise conversion and revenue at every stage. Its tracking script writes a visitor identifier in cookies and local storage and reports page views, form submissions and revenue events back to Funnelytics Inc. As a marketing analytics tool, it requires prior consent under the GDPR and the ePrivacy Directive.
Funnelytics is a marketing analytics platform that targets info product, coaching and ecommerce funnels. Marketers map their funnel visually on a canvas, install the Funnelytics tracking script on each page and watch real conversion, drop off and revenue numbers populate over the diagram. The tool is heavily used by growth agencies for attribution and reporting.
The Funnelytics script writes _ftrack and __funnelytics cookies on the funnel domains and a visitor UUID in local storage. When a user submits a form with their email, Funnelytics links the previously anonymous visitor identifier to the email, turning the funnel data into identifiable behavioural data. UTM parameters carrying email or phone in the URL further identify the user.
Funnelytics qualifies as marketing analytics, not strictly necessary measurement: the cookies are not exempted under the EDPB guidelines on Article 5(3) ePrivacy. Prior, specific and informed consent is therefore required before the tracker fires. The GDPR processing is based on consent under Article 6(1)(a).
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Block the Funnelytics script through your CMP until the marketing category is accepted. Avoid putting raw email addresses or phone numbers in URL parameters; use hashed identifiers if Funnelytics needs to recognise repeat visitors across funnel pages. Configure Funnelytics to anonymise IP addresses where the option is exposed.
Funnelytics Inc. is established in Canada and runs its production on AWS / GCP infrastructure, primarily in the United States. Canada benefits from an EU adequacy decision but the US transfer must rely on the EU U.S. Data Privacy Framework or Standard Contractual Clauses. Disclose the transfer in the privacy policy.
Sign the Funnelytics DPA, gate the tracking script on consent, set retention policies for visitor and revenue events, document Funnelytics Inc. as a processor in your records of processing and update the privacy policy to mention funnel analytics, the cookies, the email enrichment and the transfers.
Websites using Funnelytics must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is recommended when Funnelytics is paired with email enrichment, attribution across paid channels or behavioural scoring, due to the cross page profiling, the email PII passed via UTM parameters and the transfers to North America.
Sample consent text
We use Funnelytics to analyse our marketing funnel. With your consent, Funnelytics will set a tracking cookie on your device, record your steps in our funnel and transfer the data to Funnelytics Inc. in North America. You can refuse or withdraw your consent at any time from the cookie settings.
Third-party domains contacted
track.funnelytics.ioapp.funnelytics.iocdn.funnelytics.ioapi.funnelytics.ioCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| _ftrack | first_party | 1 year | Stores the Funnelytics visitor identifier on the funnel domain to recognise the visitor across funnel steps. |
| __funnelytics | first_party | 1 year | Persists session and attribution data (UTM parameters, referrer) used by Funnelytics to attribute conversions and revenue to the right source. |
| __funnelytics_session | first_party | session | Session identifier used by Funnelytics to group page views into a single visit. |
Funnelytics places tracking cookies for advertising — comply with GDPR using FlowConsent.
The tracking script sets the _ftrack and __funnelytics first party cookies on the funnel domains, plus a visitor UUID stored in local storage to recognise repeat visits across funnel pages.
Yes. Funnelytics is marketing analytics and not exempt under EDPB guidelines on Article 5(3) ePrivacy, so prior, specific and informed consent is required before the tracker fires.
Consent is the only suitable legal basis for the tracking and the cross page profiling. Legitimate interests cannot be used because the processing identifies users and enriches them with email data submitted later in the funnel.
Yes. Funnelytics Inc. is in Canada and runs production on AWS/GCP, primarily in the United States. Canada has an EU adequacy decision; the US transfer relies on the EU U.S. Data Privacy Framework or Standard Contractual Clauses.
A DPIA is recommended when Funnelytics is paired with email enrichment, paid attribution or behavioural scoring. Pure aggregated funnel analytics with consent and minimal PII is lower risk.
Sign the Funnelytics DPA, gate the script on consent, hash any user identifier passed via UTM parameters, set retention policies on visitor and revenue events, and document Funnelytics Inc. in your records of processing.
Privacy friendlier funnel analytics include Plausible Goals (EU hosted, cookieless), Matomo with goals and ecommerce tracking (self hosted EU), or PostHog open source running on your own servers.
Add a section that names Funnelytics, lists the cookies (_ftrack, __funnelytics) with purpose and duration, mentions the email enrichment and the transfer to Funnelytics Inc. in North America.