Please make Builder GDPR compliant, so people from EU can use it. I am not an expert, but it defenetly needs following changes:
Hi @Jakob_G! Thanks for reaching out.
Builder is fully GDPR and CCPA compliant.
To turn off off cookies/tracking/localstorage, etc set
builder.canTrack = false;
If you allow your customers to opt-in to cookies and tracking, then you can listen to the same prompt/dialog to change tracking preferences and turn on/off Builder cookies and tracking accordingly
Let us know if you have any additional questions.
Hi maddy,
thank you for the reply.
How do you disable tracking when using Builder HTML API?
You are recording the number of page views anyway, right? What Information do you collect there? Do you save IP addresses of the visitors?Because I think they need to be anonymised to be GDPR compliant.
For the HTML API, you can set a window variable to window.builderNoTrack = true. Builder doesn’t store any personally identifiable information in our request logs (ie no visitor id if tracking is off).
Hi Maddy,
Is there any way to remove the builderSessionId cookie? It is still created even when canTrack is set to false.
Many thanks!
hey @josh - when canTrack = false (or window.builderNoTrack = true) no cookies are set, including builderSeesionId
Are there any access/delete APIs available?
Thanks,
Hannah
Hello @hbarnstone, we don’t have any APIs to access/delete user data since we do not track any personally identifiable end-user information. As mentioned above you can also set builder.canTrack = false``; to disable any tracking.
I’m setting builder.canTrack = false before I call builder.init in the @builder.io/vue@0.1.11 and builderSessionId cookie is still set. How can I disable setting this cookie?
@alex1, thanks for bringing this up to our attention. We are investigating how the canTrack configuration works within the Vue SDK and will get back to you with more information.
While we investigate - @alex1 can you let us know if you add to your code:
window.builderNoTrack = true
if the cookie still gets set? Thils will help us verify a potential edge case
its also set with the window property sadly
is there any feedback yet? We are investigating our cookie policy due to gdpr concerns and in the worst case, when we can not disable the builder.io cookie, we need to remove it 
@alex1 We have found and fixed a bug in our SDK, which was causing the cookie to remain despite window.builderNoTrack and builder.canTrack being set correctly. Thank you again for bringing this to our attention.
We will let you know once the fix has been fully deployed across our SDKs.
when will you release a new version of the vue library?
To answer your question about GDPR, yes, you can technically anonymize IPs in the builder settings, but the real issue is often the trigger timing. Standard scripts usually capture data before the consent banner even fully loads, which is a big compliance gap.
If you’re seeing data leaks or inconsistent consent logs, it’s usually because client-side tags are too ‘aggressive’. Keeping tracking compliant is getting harder, unfortunately, especially with EU regulations.
If you’re moving to a server-side setup to fix this, ensuring the data is scrubbed before it hits the API is crucial. I came across a facebook cookieless tracking setup that basically automates this by handling the PII stripping in a server container. It might be worth a look to ensure your environment is configured perfectly for GDPR if you’re going that route.
Good luck!