Privacy policy

Your privacy

In accordance with our ISO 27001 certification, we at Foleon believe that safeguarding personal data is of paramount importance in the execution of our activities. We, therefore, want to give you clear and transparent insight into how we process personal data from clients, contacts, and website visitors.

When processing personal data, we hold to the roles and regulations as stated in the General Data Protection Regulation (GDPR).

We have assigned a Data Protection Officer for any kind of inquiries related to our GDPR efforts, who can be contacted by email at


Our role as a Controller

Personal data

There are various purposes for Foleon to gather, store, and process personal data, all aimed at maintaining and improving our level of support.


Security of personal data

Foleon ensures adequate security of the personal data that it holds, in line with the applicable legal requirements and guidelines.


Contact data storage limitation

Foleon stores personal data that it processes no longer than is necessary or required for the purposes of data processing and availability. We have a standard retention period of 90 days. Different standards apply to customer related information.


We gather personal data when a person is:

  • Subscribing to our blog and/or news updates.
  • Signing up for webinars and/or internal events.
  • Requesting a demo, a mock-up, or access to gated content assets.
  • Starting a trial.
  • Purchasing licenses and additional Products and Services.
  • Communicating with our Client Services departments.
  • Working in our editor and visiting our website.


We process personal data when:

  • Working in the editor, for personalization and user experience optimization purposes.
  • Following up on correspondences (live chat, email or phone inquiries).
  • Informing clients about product and blog updates via owned media.
  • Executing internal analyses for product development, market research, and user behavior research.
  • Applying remarketing and display advertising features within Google Analytics and Google AdWords, as well as platforms like Facebook. We collect the data to inform, optimize, and serve ads based on someone's past visits to our website.


The following personal data is gathered and processed:

In our editor:

  • When purchasing a license and/or additional services in our store, specific payment-related information is required to enable the purchase.
  • When adding additional users to an existing account, we require the following user details: First name, last name, email address and telephone number.
  • User activity, such as login frequency. This will help us to understand user engagement within the editor, enabling us to anticipate on a potential need for support.


  • Email and phone communications.
  • Support requests created and resolved, via Intercom.
  • Updates on given feedback of the product given through Intercom and/or Productboard.
  • Chat threads, via Hubspot.

Trial, demo, and mock-up request:

  • We require a form completion, containing first name, last name, email address, phone number, company name, and industry before we send the activation link.

Blog and product subscriptions:

  • Subscribing and unsubscribing from blog and product updates. Hubspot, Mailchimp, and Sumo are the tools used to manage the subscription process.
  • Email opens and clicks. Hubspot is used to record this.

Event subscriptions:

  • For subscribing to webinars, learning sessions, internal events, and gated content, we require the following contact details: first name, last name, email address, and phone number.

Internal analyses:

  • We gather anonymized data with Google Analytics and Microsoft Clarity. We use LogRocket to monitor user-specific data, but only when we have a client’s opt-in in place.

Remarketing and display advertising:

  • We have Google, LinkedIn, and Facebook tracking pixels in place to serve ads to former site visitors and to find visitor profile look-a-likes, who we can serve ads on Google, Google’s Display Network, Facebook and LinkedIn.


Third-party disclosure

Foleon does not sell, trade, or otherwise transfer personal data to outside parties for commercial, charitable, or idealistic purposes. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.


Your rights

Right to access

You have the right to request information about the personal data we hold on you at any time. You can contact us via, and we will provide you with your personal data via email.


Right to portability

Whenever we process your personal data by automated means based on your consent or based on an agreement, you have the right to get a copy of your data transferred to you or to another party. This only includes the personal data you have submitted to us.


Right to rectification

You have the right to request rectification of your personal data if the information is incorrect, including the right to have incomplete personal data completed.

Users within a Foleon account can edit their personal data, account data, and payment details in the profile, account, and store section.


Right to erasure

You have the right to erase any personal data processed by us at any time except for the following situations:

  • You have an ongoing matter with customer support.
  • You have an unsettled debt with us, regardless of the payment method.
  • If you are suspected of misusing or have misused our services within the last four years.
  • Your debt has been sold to a third party within the last three years or one year for deceased customers.
  • Your credit application has been rejected within the last three months.
  • If you have made any purchase, we will keep your personal data in connection with your transaction for bookkeeping purposes.


Your right to object to processing based on legitimate interest

You have the right to object to the processing of your personal data that is based on our legitimate interest. We will not continue to process the personal data unless we can demonstrate legitimate grounds for the process which overrides your interest and rights or due to legal claims.


Your right to object to direct marketing

You have the right to object to direct marketing. You can opt-out from direct marketing by following the instruction in each marketing email


Right to restriction

You have the right to request that we restrict the process of your personal data under the following circumstances:

  • If you object to a processing based on our legitimate interest, we shall restrict all processing of such data pending the verification of the legitimate interest.
  • If you have a claim that your personal data is incorrect, we must restrict all processing of such data pending the verification of the accuracy of the personal data.
  • If the processing is unlawful you can oppose the erasure of personal data and instead request the restriction of the use of your personal data instead.
  • If we no longer need the personal data but it is required by you to defend legal claims.


How can you exercise your rights?

We take data protection very seriously and therefore we have dedicated customer support personnel to handle your requests in relation to your rights stated above. You can always reach them at


Right to complain to a supervisory authority

If you consider us to process your personal data in an incorrect way you can contact us. You also have the right to raise a complaint to a supervisory authority.


Do we use 'cookies'?

Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser.


What are cookies used for?

Foleon uses cookies to recognize a visitor’s IP address, browser, operating system, source origin, applied search terms, and internal and external links clicked. These insights enable us to compile aggregate data about site traffic and site interactions, helping us to provide our visitors with better site experiences and tools in the future. We collaborate with trusted third-party services to help us that track this information on our behalf.

Cookies are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services.


Overview of scripts and cookies and where they are used for:


Script name What it is used for
Google Ads remarketing Building audiences for retargeting
Google Ads Click ID Tracking conversion value in Google Ads
Bing Ads Universal Event Tracking Tracking performance in Bing
Facebook Pixel Remarketing on Facebook and website analytics
GA event tracking Website and visitor behavior analysis
Microsoft Clarity Website and visitor behavior analysis
Hubspot CRM, marketing automation, email automation, website analysis, live chat support
LinkedIn insight Remarketing and analytics
LinkedIn Lead Conversion tracking
Sumo plugin Pop-ups, website behavior analytics
Twitter Ad performance analysis
Intercom Live chat support and analyzing support questions
Mixpanel Event tracking to monitor behavior inside the Foleon platform
TwentyThree Video marketing platform and video analytics
Chameleon In-app product experiences
Clearbit Track website visitors to build retargeting audiences
LeadFeeder Track website visitors to build retargeting audiences

Cookie name Processor What it is used for
_uetsid Bing HTTP cookie to track session
_ga Google Analytics Used to distinguish users
_uetsid Bing HTTP cookie to track session
_gat Google Analytics Used to throttle request rate
_gid Google Analytics Used to distinguish users
_click Microsoft Clarity Persists the Clarity User ID and preferences, unique to that site, on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_hssc HubSpot This cookie keeps track of sessions. This is used to determine if we should increment the session number and timestamps in the __hstc cookie. It contains the domain, viewCount (increments each pageView in a session), and session start timestamp.
_hssrc HubSpot Whenever HubSpot changes the session cookie, this cookie is also set. We set it to 1 and use it to determine if the user has restarted their browser. If this cookie does not exist when we manage cookies, we assume it is a new session.
_hstc HubSpot The main cookie for tracking visitors. It contains the domain, utk (see below), initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
hubspotutk HubSpot This cookie is used for to keep track of a visitor's identity. This cookie is passed to HubSpot on form submission and used when de-duplicating contacts.
_smvid Sumo Used for sign-up prompt purposes when visitors browse marketing page.
mp_* Mixpanel We use Mixpanel to track and log behaviour event data within the Foleon editor.
intercom-id-etfcwbz1 Intercom We use Intercom to provide live customer service chat on our Platform. This cookie stores the user id.
intercom-session-etfcwbz1 Intercom We use Intercom to provide live customer service chat on our Platform. This cookie stores the session data.
chmln:* Chameleon Used to keep track of progress through a Chameleon Experience, temporarily store “not yet synced” data, and know which user is currently identified to Chameleon.
 ad_session_id TwentyThree  A system cookie used for traffic balancing. The cookie will time out shortly after the user session ends.
 uuid TwentyThree A session-type cookie storing an anonymous identifier for the visitor. The cookie is used by Analytics to make play and engagement tracking more accurate. This cookie can be disabled by changing the cookie policy on the account. 


and session_referer

TwentyThree Two session cookies used for referral traffic in Analytics. This will store the website address that referred traffic to the video player. 
 [site-id]_u + [site-id]_p TwentyThree  

Persistent tracking cookies used for profile tracking. The first cookie stores a unique identifier for the viewer. The second cookie remember which properties the viewer has submitted through collectors. These cookies can be disabled by changing the cookie policy on the account.

Feel free to reach out to if you would like to receive more information on how we use cookies on our website.


Complaint or remark about the use of personal data

We do our utmost to ensure the security of your personal data. However, if you do have a complaint or remark about our use of your personal data, because you feel that we don’t handle your personal data carefully or because you have requested access to or correction of your personal data, but are not satisfied with the response, please let us know via so we can take appropriate action.


Our role as a Processor

Processor agreement

We enable organizations to share valuable content with their relations. We will process personal data solely for purposes of the storage, on our servers or those of third parties engaged by us, of the online magazines and/or forms created by or on behalf of the Processor. The Processor will not process the personal data for any purpose other than those established by the Controller. We have a Data Processing Agreement in place covering all aspects of processing personal data.


Contacting Us

If there are any questions regarding this privacy policy, you may contact us using the information below.

Foleon B.V.
Transformaterweg 38-72
Amsterdam, Noord-Holland 1014 AK
The Netherlands

Need to get in touch?

Get in touch