Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentEnterprise website platform with integrated CMS, ecommerce, forms, and membership management for organizations.
LiveSite is an enterprise website platform developed by Camelback Consulting, Inc. that provides comprehensive content management, ecommerce, membership management, and online interaction tools. The platform serves as an all in one solution for organizations needing to manage websites with complex requirements including user authentication, payment processing, form submissions, contact databases, calendaring, and custom applications.
Unlike simple website builders, LiveSite offers enterprise features including multi user access controls, integrated contact management, membership portals, event registration systems, payment processing, and custom database applications. Organizations use it to create public websites, member only areas, intranets, extranets, and custom portals.
LiveSite collects data at multiple levels depending on how visitors interact with the website. For basic visitors, the platform collects ISP domain, access timestamps, and pages visited through server logs. Session cookies enable authentication and personalization features.
When users register for membership, submit forms, or make purchases, LiveSite collects and stores personal information including names, addresses, phone numbers, email addresses, and payment information. The platform maintains contact databases that are populated as visitors interact with the site through form submissions, registrations, and purchases.
The platform stores electronic communications, including emails and messages transmitted through its systems. Customer account status, service choices, user preferences, and activity logs are maintained for the duration of the customer relationship. For ecommerce functions, LiveSite processes and stores payment card information, order histories, and transaction records.
Additional data collection may occur through third party integrations configured by the website owner, such as analytics tools, payment processors, or marketing platforms. The specific cookies and tracking depend on which optional features and integrations are enabled for each LiveSite installation.
LiveSite processes personal data as both a data processor (for the platform provider) and enables website owners to act as data controllers. Under GDPR, organizations using LiveSite must ensure they have appropriate legal bases for processing visitor and customer data.
Session cookies used for authentication and basic functionality can typically rely on legitimate interest under Article 6(1)(f) GDPR, as they are necessary for providing the requested service. However, optional cookies, analytics integrations, and marketing tools require user consent under the ePrivacy Directive.
The collection of personal data through forms, membership registrations, and contact databases requires clear purposes and legal bases. For membership systems, this is typically contract performance (Article 6(1)(b)). For marketing communications and contact lists used for campaigns, explicit consent is required.
Organizations must provide privacy notices explaining what data is collected, why, how long it is retained, and what rights users have. LiveSite installations that process large volumes of personal data, handle sensitive categories of data, or systematically monitor users should conduct Data Protection Impact Assessments.
Consent requirements vary based on how LiveSite is configured and what features are active. Strictly necessary session cookies for authentication and shopping cart functionality do not require consent, as they are essential for providing the service the user has requested.
Analytics integrations, marketing cookies, and third party tracking tools integrated into LiveSite websites require explicit consent before activation. This includes any Google Analytics, Meta Pixel, or similar tracking services that may be embedded into the LiveSite installation.
For email marketing and contact list building through LiveSite contact management features, organizations must obtain active consent. Pre checked boxes or implied consent from newsletter signup forms do not meet GDPR standards. Each purpose for data processing requires separate, specific consent.
Member registration forms should clearly explain what data will be collected and how it will be used. Users must be able to complete their primary purpose (e.g., accessing member content) without consenting to optional processing like marketing communications.
LiveSite infrastructure is operated by Camelback Consulting, Inc. in the United States. For European website owners and visitors, this constitutes an international data transfer from the EU/EEA to a third country that does not have an adequacy decision from the European Commission.
Organizations using LiveSite to process EU personal data must implement appropriate safeguards for these transfers. This typically involves Standard Contractual Clauses (SCCs) between the organization and Camelback Consulting. A Transfer Impact Assessment should evaluate whether US surveillance laws could affect data security.
Additional data transfers may occur through third party integrations. Payment processors, analytics services, and other tools added to LiveSite installations may transfer data to their own international infrastructure. Each integration requires separate assessment and appropriate transfer mechanisms.
Privacy notices must inform users that their data will be transferred to and processed in the United States, explain the safeguards in place, and provide information about their rights regarding these transfers.
Implement a cookie consent management solution that blocks non essential cookies until user consent is obtained. Popular solutions like Complianz, Cookiebot, or OneTrust can be integrated into LiveSite websites to manage cookie consent.
Create comprehensive privacy notices accessible from every page. Document all data collection points including forms, membership systems, contact databases, payment processing, and any integrated third party services. Explain retention periods, legal bases, and user rights for each processing activity.
Review all form configurations to ensure they collect only necessary data and include appropriate consent checkboxes. Membership registration should separate mandatory fields from optional marketing opt ins. Contact forms should not auto subscribe users to mailing lists without explicit consent.
Establish data retention policies for different types of information. Configure automatic deletion for outdated customer records, completed event registrations, and expired memberships. Document retention requirements for payment records, which may be subject to accounting regulations.
Implement processes for handling data subject rights requests. Users must be able to access their data, request corrections, obtain copies in portable formats, withdraw consent, and request deletion. LiveSite administrators should know how to export user data, update records, and permanently delete accounts when required.
Review user access controls and permissions to ensure staff members only have access to personal data necessary for their roles. LiveSite granular permission system should be configured to limit data exposure. Regular audits should verify that access rights remain appropriate as staff roles change.
Document data processing agreements with Camelback Consulting and any third party services integrated into your LiveSite installation. Maintain records of processing activities as required by GDPR Article 30, detailing what data you collect, why, how long you keep it, and who has access.
Websites using LiveSite must obtain user consent under GDPR regulations.
DPIA considerations
DPIA recommended when LiveSite processes personal data through forms, membership systems, payment processing, or contact management features. Assessment should cover: data collection points (registration forms, payment forms, contact forms), retention periods for customer and member data, security measures for stored communications and payment information, third-party integrations configured (analytics, payment processors, email services), access controls and user permission systems. High-volume membership or ecommerce implementations warrant particular attention.
Sample consent text
We use LiveSite to power our website and manage user interactions. This platform may set session cookies for authentication and functionality. If you register for membership, submit forms, or make purchases, your information will be processed and stored through LiveSite. For more information, see our privacy policy.
Third-party domains contacted
livesite.com*.livesite.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| PHPSESSID | session | Session (until browser closes) | Maintains user authentication state and session data across pages. Essential for logged-in functionality, shopping cart persistence, and form data retention during the browsing session. |
| livesite_prefs | functional | 1 year | Stores user interface preferences, language selection, and display settings chosen by the visitor. Used to provide personalized experience across visits. |
| cart_token | strictly_necessary | 7 days | Maintains shopping cart contents for e-commerce functionality. Tracks items, quantities, and selections during the purchasing process. |
LiveSite is an essential service, but transparency matters. Manage all your consent with FlowConsent.
Get started freeLiveSite sets session cookies for user authentication and website functionality. These cookies maintain logged in states, shopping cart contents, and user preferences during browsing sessions. The specific cookie names and durations depend on your LiveSite configuration. Additional cookies may be set by third party integrations you have enabled, such as analytics tools, payment processors, or marketing platforms. Contact your LiveSite administrator or review your website cookie policy for the complete list of cookies specific to your installation.
For essential session cookies that enable basic website functionality like authentication and shopping carts, consent is not required under GDPR as these fall under legitimate interest. However, you need explicit consent before activating any optional tracking, analytics, or marketing features. This includes third party integrations like Google Analytics or Meta Pixel. Your consent banner should block these non essential cookies until users actively consent. Membership registration and contact form submissions should clearly explain data usage and obtain separate consent for marketing communications.
The legal basis varies by processing activity. Session cookies rely on legitimate interest (Article 6(1)(f) GDPR) as necessary for the service. Membership registrations typically use contract performance (Article 6(1)(b)) as users are signing up for member services. Contact form processing can use legitimate interest if for responding to inquiries, or consent if for marketing purposes. Email marketing and contact lists require explicit consent (Article 6(1)(a)). Payment processing uses contract performance. You must identify the specific legal basis for each data collection point in your privacy notice.
Yes, LiveSite infrastructure is operated by Camelback Consulting, Inc. in the United States. For EU visitors and customers, this constitutes a data transfer to a third country without an adequacy decision. You must implement appropriate safeguards such as Standard Contractual Clauses with Camelback Consulting. Inform users in your privacy notice that data is transferred to the US, explain the safeguards, and document your Transfer Impact Assessment. Additional transfers may occur through third party integrations you have added to your LiveSite installation.
A DPIA is recommended for most LiveSite implementations that process personal data. It is particularly important if you use membership systems with large numbers of users, process payment information, collect sensitive data categories, or systematically track user behavior. The DPIA should assess data collection through forms, retention periods, security measures, third party integrations, access controls, and international transfers. Organizations subject to GDPR should conduct DPIAs for any processing likely to result in high risk to individuals, which includes most LiveSite installations handling significant personal data.
Start by integrating a cookie consent management platform like Complianz, Cookiebot, or OneTrust that blocks non essential cookies until consent is obtained. Create comprehensive privacy notices accessible from every page. Review all form configurations to ensure minimal data collection and proper consent checkboxes. Establish data retention policies and configure automatic deletion for expired records. Implement processes for handling data subject rights requests including access, correction, portability, and deletion. Configure LiveSite user permissions to limit staff access to necessary data only. Document data processing agreements with Camelback Consulting and all third party integrations.
For organizations requiring website platforms with GDPR compliance, consider European hosted alternatives like Craft CMS (can be hosted in EU), Statamic (can be EU hosted), or open source solutions like WordPress or Drupal deployed on EU infrastructure. For simpler needs, website builders like Webflow offer EU hosting options. The key factor is choosing a platform that can be hosted within the EU/EEA or has valid transfer mechanisms in place. Evaluate based on your specific requirements for membership management, ecommerce, forms, and integrations while considering data residency needs.
Your cookie policy should list all cookies set by LiveSite and any integrated third party services. For each cookie, document the name, purpose, duration, and category (strictly necessary, functional, analytics, or marketing). Explain that session cookies are used for authentication and cart functionality. Detail any analytics cookies, their opt out mechanisms, and consent requirements. Include information about third party payment processor cookies if you use ecommerce features. Update the policy whenever you add new LiveSite features or integrations. Provide clear instructions for managing cookie preferences and withdrawing consent. Link your cookie policy from your consent banner and privacy notice.