As developers, we do not have perfect legal knowledge about GDPR, like lawyers do. Because of this, from our end we cannot guarantee, that just by following these advices you will have full GDPR compliance for your website! If compliance is a critical requirement for your project, we recommend consulting a qualified expert in this matter.
From our end what we provide is, that if you see some GDPR compliancy issue on your website, and something in our codes could be done to avoid that, get in touch with us and we will try to help!
Connection between you and us (Nextendweb)
Tracking User Data
When you first launch Mosaic, and later in Global Settings, you can enable or disable the “Allow tracking usage data” option.
If enabled, the following usage-related (non-personal) data is collected:
- Which themes are imported
- Which items are inserted from the Component Library
- Whether a Component Library item was inserted through the wizard or the Assets modal
- The associated Mosaic theme ID/name where applicable
- A unique ID generated for your website by Mosaic
This data helps us improve the product experience and better understand how features are used.
License Validation
To ensure proper licensing, Mosaic verifies whether a website’s license is valid during license activation, and later when license-protected features are used. Mosaic checks whether the stored license token is still valid, and if it has expired or is close to expiring, it refreshes it through Nextendweb’s licensing server.
This may happen when:
- Opening Theme Library or Component Library admin screens
- Importing themes from the library
- Importing items from the Component Library
- Downloading Mosaic updates
The check is not sent continuously in the background; it is triggered only when Mosaic needs to access license-protected resources or verify the current license state.
During this process, only license-related data (such as the license key and domain) is used. No sensitive personal data is collected.
Connection between you and your website visitors
Google fonts
By default, Google Fonts collect user-related data when loaded from Google’s servers.
To avoid this, you can enable the Save fonts locally option in Global Settings.
This will:
- Store Google Fonts on your own server
- Prevent requests to Google’s servers
YouTube videos
YouTube videos collect user data and set cookies. Mosaic provides a “Privacy” option in the YouTube element, that makes videos load from youtube-nocookie.com. That reduces tracking, however, please note that even in privacy mode, some cookies may still be set by YouTube!
If you want to avoid any third-party tracking entirely, then do not use YouTube videos, but rather Video elements with a self-hosted MP4 video files.