Please Note: While HighLevel provides tools to help you collect and manage customer data, your legal team or outside counsel are the best resource for compliance advice. This article is for informational purposes only and is not legal advice.
Why This Matters
Under GDPR and other data privacy laws, businesses must have a legally recognized reason—called a “legal basis”—to collect and process personal data.
Typical legal bases include:
Informed consent (explicit permission from the customer)
Contractual obligations (to provide services/products the customer has signed up for)
Legitimate interests (business purposes that don’t override customer rights)
1. What is Personal Data?
Personal data is any information that can identify an individual, such as:
Name, email address, phone number
Location data, IP addresses
Payment details, order history
2. How to Collect Consent from Your Customers
Our platform provides built-in consent collection tools across each customer touchpoint. Each data-collection area in HighLevel allows you to link your Privacy Policy / Terms of Service and include customizable consent checkboxes.
Funnels & Websites
Personal data can be collected through integrated Forms & Surveys, Order Forms, Calendars, and Webchat on your web pages.
Forms & Surveys
Use the Custom Checkbox element in Form Builder and add your own disclosure language based on your business practices and applicable regulations.
Consent will be tracked under contact custom value
Webchat
Add your own disclosure language based on your business practices and applicable regulations
Highlight Privacy Policy, click Link, and paste your URL.
You can also configure this in the Legal Message description box
Calendars (Bookings)
You can customize the consent checkbox text to align with your specific requirements.
Order Forms
Enable the Terms & Conditions checkbox in the Order Form settings.
Add your own disclosure language based on your business practices and applicable regulations.
Highlight Privacy Policy, click Link, and paste your URL.
3. How to Track Legal Basis
You can track your legal basis for processing in HighLevel by using tags and custom fields:
Create a custom field (e.g., Legal Basis) under Contacts.
Add values that match your business needs : Consent, Contractual Obligation, Legitimate Interest.
Create a tag for each legal basis if you want easy filtering.
Example: Contractual Obligation, Legitimate Interest.
Apply the tag to contacts manually or via automation.
Automation example: When a form is submitted, automatically assign the corresponding tag and update the custom field.
The value will be stored in the custom field under the contact record, making it easy to filter, export, or review your data collection practices as needed.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article