The technical connections between a website and external software platforms — CRM, live chat, helpdesk, marketing automation, analytics, appointment booking, loyalty programmes, social media, video hosting and other tools — that extend the website’s functionality and ensure data flows between the website and the business’s wider technology ecosystem.
By identifying the specific business functions the website needs to support (lead capture, support, booking, chat, personalisation) and selecting tools that best serve each function, integrating efficiently with the existing tech stack, operating within the required budget and meeting applicable data security and compliance requirements.
A platform (Google Tag Manager is the industry standard) that allows tracking codes, pixels and scripts from third-party tools to be added, configured and updated through a single management interface — without requiring code changes to the website itself for each addition. GTM reduces developer dependency for marketing tool deployments.
Each additional third-party script adds to page load time. Tools like analytics platforms, chat widgets, ad pixels and personalisation scripts each make external server requests that can slow rendering. Page speed impacts should be assessed when adding each new tool. Lazy-loading non-critical scripts and using GTM for consolidated management mitigates impact.
Live chat software (Intercom, Drift, HubSpot Chat, Tidio) embedded into the website providing real-time conversation with visitors. Key considerations: staffing availability (a chat widget that never responds damages trust more than not having one), mobile usability, CRM integration for lead capture, GDPR compliance and page speed impact of the chat script.
A customer support ticket system (Zendesk, Freshdesk, Help Scout) integrated with the website to manage post-sale support enquiries. Appropriate for businesses with a significant volume of customer support interactions, enabling structured ticket management, response SLA tracking, knowledge base access and customer satisfaction measurement.
Each third-party tool that processes personal data from the website must be covered in the privacy policy as a data processor. A Data Processing Agreement (DPA) must be in place with each processor. Data transfers outside the UK must have an appropriate legal mechanism. The cookie policy must disclose all cookies set by third-party tools.
By conducting a technical scan of all scripts loading on each page (using Chrome DevTools, Ghostery or a tag auditing tool), listing every active integration, verifying that each one is still in active use, assessing its performance and security impact, confirming DPAs are in place and removing any redundant or unused scripts.
An API integration involves the website proactively requesting or sending data to a third-party service. A webhook involves the third-party service pushing data to the website when a specific event occurs. Both are appropriate for different use cases — webhooks are preferable for real-time event-driven data flows (new CRM contact, payment completed).
By documenting all active integrations, their purpose and configuration, monitoring for errors or data flow failures, keeping integration plugins and API credentials updated and reviewing the integration set periodically to remove tools no longer in use. Broken or stale integrations are both a security risk and a source of data quality degradation.
