perspective.co and Data Protection – What Belongs in the Privacy Policy

When a website operator uses perspective.co, they regularly process entries from interactive mobile funnels (e.g. answers in quiz/survey steps, name, email address, phone number, address) as well as click and connection data for the purpose of lead generation and applicant or customer acquisition, regularly based on contract performance, legitimate interests or consent. This article summarises which data perspective.co touches and which mandatory information has to appear in the privacy policy.

The following remarks are based on publicly available information from the provider and on publicly researchable sources; they do not replace a case-by-case review by the website operator.

A. Purpose and Functioning of perspective.co

perspective.co is a SaaS platform of the Berlin-based Perspective Software GmbH for building interactive, mobile-optimised funnels (so-called "mobile funnels"). Website operators use it in particular for lead generation and recruiting funnels: visitors answer a series of questions, enter contact data at the end and are thus captured as a lead or applicant. Typical fields of application are performance marketing campaigns from social networks (Meta, TikTok, LinkedIn) and recruiting flows.

In the website context, two integration functions are particularly relevant: First, hosting complete funnels on a perspective.co subdomain or under an own domain of the website operator, where all visitor interactions (answers, clicks, transitions between steps) are processed at perspective.co. Second, integrating funnels into an existing website, for example as a landing page replacement or via direct linking. Other functions such as integrated analytics, connection to advertising networks and CRM systems may be added.

This page focuses on the use of perspective.co as a hosted mobile funnel builder, i.e. the data flow from the perspective.co funnel to the website operator's CRM, ATS or marketing tool.

B. Mandatory Information in the Privacy Policy When Using perspective.co

In addition to general information (controller, data protection officer, data subject rights, supervisory authority), the GDPR requires specific mandatory information for the privacy policy with regard to the use of concrete tools, in particular under Art. 13 and Art. 14 GDPR.

Mandatory information includes:

• the purposes of the processing (Art. 13(1)(c) GDPR),
• the legal bases of the processing (Art. 13(1)(c) GDPR),
• where processing is based on a balancing of interests, the specific legitimate interests pursued (Art. 13(1)(d) GDPR),
• the recipients or categories of recipients (Art. 13(1)(e) GDPR),
• whether data is transferred to an insecure third country outside the EU/EEA and on which basis (Art. 13(1)(f) GDPR),
• the storage period or the criteria for determining it (Art. 13(2)(a) GDPR),
• where data is not collected directly from the data subject, additionally the categories of personal data (Art. 14(1)(d) GDPR).

These mandatory items are broken down for perspective.co below.

In practice, it has become common to include a separate text block per tool in the privacy policy. The GDPR does not require this, and the practice regularly leads to long, redundant and poorly maintainable privacy policies that tend to conflict with the transparency principle of Art. 12(1) GDPR. A more appropriate approach is a topic-oriented one, where processing operations are described across the board (e.g. funnel/landing page, newsletter, application, tracking) and concrete service providers such as perspective.co are listed in a recipients appendix. This is the approach of the matterius generator.

C. Provider of perspective.co

According to publicly available information, the contracting party is Perspective Software GmbH, Müggelstraße 22, 10247 Berlin, Germany (EEA). The exact and current address, management and commercial register entry should be taken from the currently valid version of the imprint (https://www.perspective.co/imprint) and verified by the website operator.

Since Perspective Software GmbH is based in the EEA according to publicly available information, no third-country transfer under Art. 44 et seq. GDPR is required with regard to the provider itself. The situation may be different where perspective.co engages subprocessors located outside the EEA (e.g. hosting or analytics providers); in such cases, SCCs or – for US recipients – the DPF apply.

The privacy policy of perspective.co is available at https://www.perspective.co/privacy-policy. Notes on concluding a DPA and on creating a privacy policy for funnels can be found in the help centre at https://intercom.help/perspective-funnels/.

D. Data Processing by perspective.co – Step by Step

1. Collection: When a perspective.co funnel is accessed, connection data and, where applicable, cookies are recorded. As the funnel steps are completed, answers and any additional entries (contact data, file uploads) are collected.
2. Storage: Data is stored on the perspective.co platform and at subprocessors. According to provider statements, EEA-based infrastructures are primarily used for EU processing; in individual cases, US subprocessors may also be involved.
3. Use: The website operator uses the data for lead/applicant evaluation, sales or recruiting work and, where applicable, for marketing. According to provider statements, perspective.co processes the data on instructions to provide the platform.
4. Transmission: perspective.co may engage subprocessors (e.g. hosting, email delivery, analytics). The website operator may forward data to connected CRM, ATS, email and advertising tools.
5. Deletion: The website operator defines deletion and retention rules in the account and can delete records manually or via interface. After contract termination, deletion takes place in accordance with the contractual provisions.

E. Data Collected in perspective.co

In the perspective.co context, the following data is typically processed: answers in quiz/selection steps (e.g. professional experience, interests, region of residence), first and last name, email address, phone number, address, CV or file uploads (in recruiting context), click paths through the funnel, dwell time per step, conversion events (e.g. funnel completion, contact data submission) and technical connection data.

This data falls into the following standardised data categories:

• Web server log data: data the server receives with each request, e.g. IP address, date and time, URL of the funnel step, referrer, browser, operating system and device.
• Click paths: funnel steps accessed, answers selected, buttons clicked, each with timestamps.
• Device data: device type, operating system, screen resolution and size, touch support of the device.
• Browser information: browser name and version.
• Coarse location data: coarse location at city or municipality level derived from the IP address.
• User content: entries in form fields, answers to quiz steps, uploaded files (e.g. CV).
• User profiles: segment assignments, interests and lead scores derived from the answers.
• Conversion events: funnel completion, contact data submission, appointment booking, file upload, click on outbound link.
• Interaction data: dwell time per step, scroll and touch movements, where captured.

F. Purposes of Use When Using perspective.co

The website operator typically uses perspective.co for lead generation in the context of performance marketing campaigns, for the structured pre-qualification of prospects or applicants, for the success measurement of advertising campaigns, and for optimising the conversion of individual funnel steps (e.g. A/B testing).

These purposes fall into the following standardised purpose categories:

• Functional provision: provision of the interactive funnel, including error detection and resolution.
• Contract performance: preparation of contractual relationships with prospects and applicants, where the funnel initiates a specific service or application relationship.
• Security and abuse prevention: bot and spam defence, authentication of users in the website operator's account.
• General product improvement: evaluation of aggregated funnel metrics for optimising steps and processes.
• General marketing: reach analysis, success measurement of advertising campaigns, comparison of funnel variants.
• User profile creation: creation of lead/applicant profiles, segment assignment based on the answers.
• User-individual product improvement: adaptation of further funnel steps or downstream processes based on prior answers.
• User-individual marketing: alignment of individual follow-up communication and advertising, where appropriate consent has been given.
• Compliance with retention obligations: retention of relevant applicant or contract data in accordance with applicable retention rules.
• Compliance: compliance with statutory requirements.
• Legal enforcement: assertion, exercise and defence of legal claims.
• Communication: handling of inquiries and follow-up communication with leads/applicants.

G. Legal Bases When Using perspective.co

In the website context, perspective.co falls primarily into the tool category third-party content/funnel provision with overlaps to contact form, newsletter (where opt-in is built in), user account (in the website operator's account) and – where activated – tracking (statistics/marketing) and remarketing via connected advertising networks.

The following legal bases typically come into consideration:

• Contract performance (Art. 6(1)(b) GDPR) for handling specific inquiries, applications or contract initiations.
• Legitimate interests (Art. 6(1)(f) GDPR) for the general provision of the funnel and reach measurement; relevant legitimate interests are typically functional provision, efficiency, security, abuse prevention, improvement and business management.
• Consent (Art. 6(1)(a) GDPR in conjunction with § 25(1) TDDDG) for newsletter sign-ups, marketing-related cookies, advertising network tracking pixels and tracking-based evaluations.
• Legal obligation (Art. 6(1)(c) GDPR) for retention obligations regarding contract-relevant and tax-relevant data.

Which legal basis applies depends on the case and is to be reviewed by the website operator on a case-by-case basis.

H. Special Considerations and Notes on perspective.co

• DPA: According to its own information, perspective.co provides a Data Processing Agreement; a guide on concluding it can be found in the help centre at https://intercom.help/perspective-funnels/. Concluding a DPA under Art. 28 GDPR is regularly required when using perspective.co for own processing.
• EEA seat: According to publicly available information, Perspective Software GmbH is based in Berlin and thus in the EEA. With regard to the provider itself, no third-country transfer under Art. 44 et seq. GDPR is therefore required; the use of subprocessors is to be considered separately.
• Subprocessors: The website operator should review the currently valid subprocessor list. For US subprocessors, DPF status and/or SCCs should be considered.
• Tracking and advertising networks: Funnels of perspective.co are often combined with tracking pixels of major advertising networks (e.g. Meta Pixel, TikTok Pixel, LinkedIn Insight Tag). These are to be assessed separately and regularly require consent under § 25(1) TDDDG.
• Custom domain and cookie banner: When hosting under an own domain, a consent banner and privacy notices need to be embedded on the funnel page.
• Recruiting funnels: For recruiting funnels, additional requirements from applicant data protection apply (e.g. § 26 BDSG / Art. 88 GDPR in conjunction with national law); these are to be reviewed on a case-by-case basis.
• Role: In the website context, according to provider statements, perspective.co acts as a processor of the website operator for the platform provision. The final classification is to be reviewed by the website operator.

I. FAQ on perspective.co and Data Protection

J. Conclusion on perspective.co and Call-to-Action

In the website context, perspective.co touches several topics simultaneously: funnel provision, lead capture, where applicable applicant data, and marketing-related evaluations. From a data protection perspective, the conclusion of a DPA, the selection and configuration of integrated tracking pixels, the treatment of subprocessors and – in recruiting use – applicant data protection are particularly relevant.

For the website operator, it is mostly not advisable to include a separate text block on perspective.co in the privacy policy. Such tool-specific blocks make the privacy policy long, redundant and hard to maintain and tend to conflict with the transparency principle of Art. 12(1) GDPR.

A structured, topic-oriented approach is recommended: the privacy policy describes funnel provision, newsletter, applications and tracking across the board and refers in an appendix to specific recipients such as Perspective Software GmbH. This is the methodology of the matterius generator.

K. Curator