Table of Contents

Data, cookie & security policy

Lisa Fockens Updated by Lisa Fockens

Data & cookies policy

What is Wisepops?

Wisepops is an onsite marketing solution used by the website you are browsing. 

It allows the website owner to display targeted campaigns on their website (popups, notifications, bars, ...).

These campaigns can be an invitation to subscribe to their newsletter, an invitation to check their latest promotion, a visual presenting their new product, etc…

An email pop-up example

First, what we do not do

Wisepops has not, does not, and will not ever:

  • Sell or share your email address, or any other personal information, identifiable or not, that you provide in a popup form.
  • Send emails or contact you, for any purpose.
  • Display any third-party ads on the website you are visiting.

What information do we store about you as a visitor?

Browsing information

For internal targeting purposes, we gather certain details about your browsing history on the website where Wisepops has been set up. 

This information is used to evaluate whether you match one of the display scenarios of the website owner, in which case you will see a given message during your navigation.

These details include:

  • The last time you visited the website
  • The pop-in campaigns you interacted with (display, click, or sign up)
  • Any additional information our customer chooses to attach to your visit (for example, your last purchase date)

These details allow the website owner to know if you’re a new visitor, for instance, and display a welcome message accordingly.

Your browsing information is stored in a cookie and placed on your computer. This cookie expires after 2 years and helps us ensure you don't see the same message twice. You can configure the cookie expiration delay.

This information is not stored on our servers or elsewhere. It can’t be accessed by other applications, and it is not used to track you across different websites. To erase these details, you can simply empty your cookies.

On Safari, our cookies expire after 7 days.
Due to the ITP 2.1 update, Safari clears all third-party data after seven days.

Personal details

Webmasters can use Wisepops to collect personal details through popup forms. These details can be your email address, your name, your phone number, etc.

When you enter personal details through a popup form, we also collect your IP address and your country. These two elements help us combat spam.

All these details are stored on our servers and can only be accessed by the website owner and Wisepops employees. They are not shared with anyone else, except with trusted services (such as Mailchimp) to store details and send emails, and only with the approval of the website owner.

We don't keep any other information allowing us to identify you.

Which cookies are created by Wisepops?

Here is a list of cookies we use to remember your visitors' context. All of these cookies are first-party: they are attached to your domain, not Wisepops.




Expiration: 2 years

Necessary: Yes

This is where we store various persistent data to make the experience of your visitors is in line with your targeting.

Example: The campaigns the visitor has seen and converted, their A/B testing group, etc.


Expiration: 2 years

Necessary: Yes

Persistent cookie where the last 10 visits dates are stored.

This is to resolve conditions such as "Display to the visitors who came 5 times in the last month".


Expiration: 2 years

Necessary: Yes

This persistent cookie stores the custom properties across sessions.

This is also a cookie for targeting resolution. For example: "Last purchase date is before 1 month ago".


Expiration: 2 years

Necessary: Yes

Persistent cookie that disables Wisepops.

This cookie is created when a visitor clicks "Don't show popups again".


Expiration: Session

Necessary: Yes

Data is stored during the session and a maximum of 2 hours for targeting resolution.

Example: The initial referrer, the UTM parameters of the first page of the visit, etc.


Expiration: Session

Necessary: Yes

Technical session cookie used for exit-intent detection.


Expiration: Session

Necessary: No

Analytics identifier that allows us to provide reports of your campaign's performances.

You can change the expiration delay of our persistent cookie. And choose to use the browser's local storage instead of cookies.

How can you get your personal details removed from our servers?

Contact us by email at We'll delete everything we have about you within two working days.

Data security policy

Who hosts Wisepops’ servers?

Our infrastructure is hosted by Amazon Web Services and Google Cloud, in the USA. These two providers meet the highest security and data protection standards:

Which domains are involved when using Wisepops on your website?

Refer to Using Wisepops with a Content Security Policy.

What safeguards are in place to prevent unauthorized access to data?

To prevent direct access to our database, we put in place the following restrictions:

  • Only our lead developers have access to the production servers.
  • SSH (with a private key or gcloud utility) is the only way to access our servers. There’s no FTP, our database is not opened to external connections and we don’t use tools like PhpMyAdmin, etc.
  • Our servers are behind a firewall.
  • Our servers are physically secured.

To protect your account, we also took the following measures:

  • The access to is protected by two technologies provided by Cloudflare: WAF & IP reputation firewall.
  • Accounts are protected against brute-force attacks with the Fail2ban solution.
  • Our own application forces the use of HTTPS.

What safeguards are in place to prevent Data Loss and Corruption?

Your data is backed up every day, and stored for 7 days.

As part of our disaster recovery plan, we also back up all the calls to the machines handling popups on our customers’ websites on an AWS private S3 bucket.

What personal data do we store about you?

All the personal details we collect from you (email, password, name, etc.) are listed on your account configuration page. For security reasons, we also collect your IP address, login dates, and user agent. We store these for one month. These details are stored by Google Cloud Logging.

We share some of your personal details (email, website, name, and login) with Segment, Mixpanel, and Intercom for internal use. We remain the only users and owners of this data.

How long do we keep your data?

We preserve your data for two years. After two years of inactivity, we permanently delete all your data, including:

  • Your company & billing information
  • Your campaigns
  • The data collected through your campaigns

We define inactivity as the lack of user interaction with our app (, and the lack of recurring payment to maintain an active Wisepops subscription.

Any questions? Feel free to contact us:

Limit the impact of Wisepops' cookies on your website