Privacy & GDPR

Elementor2CRM includes tooling to honor consent, limit retention, and integrate with WordPress personal data exports.

Consent enforcement

Settings → Consent field IDs
Provide one or more Elementor field IDs that must evaluate to truthy (checked) before submissions are sent. If the checkbox is unchecked, Elementor2CRM aborts the CRM call and logs the skip for auditing.

Log retention & PII

Log retention days: choose how long to store submission logs. The hourly cleanup task prunes older entries.
Include PII in logs: toggle to mask email/phone/name values. When disabled, logs display `***` but still retain CRM response metadata.
Failure notifications: set a dedicated email to receive alerts after the final retry fails.

Encryption

When OpenSSL is available, Elementor2CRM encrypts Keap/GoHighLevel tokens at rest using AES-256-GCM. You can disable encryption in Settings (not recommended) if your environment lacks the extension.

WordPress privacy tools

The plugin registers exporters and erasers with the WP privacy framework. When sites receive a data request, any matching logs (by email) are included in exports and scrubbed during erasure.

UTM & referrer handling

UTM parameters are persisted in cookies for 30 days, then sent to your CRM as custom fields or appended note text. If your policy requires shorter storage, edit assets/js/frontend.js to adjust the cookie max-age.

Refer back to the Privacy Policy for legal language or continue to Troubleshooting.