LiveChat implements the General Data Protection RegulationGDPR
The General Data Protection Regulation (GDPR) is the result of four years work by the European Union to unify and strengthen data protection for all citizens in the EU.
GDPR gives you more control over how your data is used, while to us, it is a simple legal environment where we can operate. That makes this change desirable for both parties!
The new regulation came into effect on the 25th May 2018 and we are glad to report that LiveChat has now fulfilled all the required regulations to become fully GDPR compliant.
GDPR: How Does it Work
GDPR regulates the processing of personal data in the European Union (its collection, storage, transfer or use). Under the GDPR, the concept of “personal data” is broad and covers any person-related information that can be used to identify them.
The important thing is that GDPR applies to every organization that processes personal data of the EU citizens, even if it’s located outside of the EU. Now, every company is obliged to maximize its security in order to prevent data violation and protect you from data leakage.
Learn more about GDPRWhat Has LiveChat Done about GDPR?
Maximum data security has always been the top priority in LiveChat. The new data center is just an example of the improvements we continually introduce; compliance with GDPR is just another step towards better data protection. What is more, we have implemented Standard Contractual Clauses in relation to our Processors to ensure quality-based data transfer.
We have always aimed to be fully compliant with international law and privacy regulations. For that reason, we have started working on GDPR regulations in July 2017, nearly a year before the deadline. We were in touch with attorneys and data protection specialists to implement all the changes.
We have improved anonymity and pseudonymization of the data within our analytics tools, and we constantly making changes so you could have a better control over your data. We want to give you tools that will allow you to decide to what extent you disclose your data or to what extent you process data of your customers.
GDPR Roadmap
where we are on our journey to become compliant
Thorough analysis of areas inside the company that are affected by GDPR
Complete
Preparation of a strategy for implementation of the technological GDPR regulations to each service we provide
Complete
Preparation of a strategy for implementation of the legal GDPR regulation in our internal and external procedures
Complete
Making changes to the Pre-chat survey feature, giving our customers option to include the data protection consents and clauses required before a chat
Complete
Preparation of Data Processing Agreement
Complete
Making necessary product and feature changes to help our customers become GDPR compliant, complimented with a product guide showing our customers how to adjust LiveChat for GDPR and that will help them better control their (and their customers') data
Complete
Implementation of required changes to our internal processes and procedures
Complete
Updates in company’s documentation according to GDPR requirements
Complete
Appointing a Data Protection Officer
Complete
Comprehensively testing all changes to verify the compliance with GDPR
Complete
Communicating full compliance to customers
Complete
What do LiveChat customers need to do?
If your company is based in the EU or your customers are EU citizens, there are few things that might be important for you.
1. Make sure that your Terms of Service and Privacy Policy properly communicate to your customers how you use LiveChat. If you collect personal data of your customers and process them via our app, you should inform your customers about their entitlements under GDPR. We recommend you ensure your policies and internal documentation are up to date and clear to your readers.
2. Regardless of being a data controller or a data processor, when you transfer EU/EEA or California’s citizens personal data to us (and you do so while using our Services) we have prepared a Data Processing Addendum incorporated by reference to the Agreement, so you don’t have to take any further action. Our Data Processing Addendum incluses updated SCCs, as approved by the European Commission in June 2021, that comply with the newest recommendations of the European Commission and are relevant for your use of LiveChat as a data processor if you’re based in the EU/EEA or California.
If you have any questions about its contents you can email: dpa@livechat.com.
3.In reference to the Data Processing Agreement, we have also updated both our Terms of Use and Privacy Policy.
The summary of key GDPR changes
Expanded individual rights
GDPR grants expanded rights for individuals in the European Union by allowing them, amongst other, the right to be forgotten and the right to request a copy of any personal data stored in their database.
Compliance obligations
GDPR requires organizations to implement appropriate security policies, keep records on data activities, and enter into written agreements with vendors to make sure that data is protected.
Data breach notifications
GDPR requires organizations to report certain data breaches to data protection authorities and, under certain circumstances, to the affected data subjects.
New requirements for profiling and monitoring
GDPR impose additional obligations on organizations engaged in profiling or monitoring behavior of EU individuals.
Increased Enforcement
GDPR provides a central point of enforcement for organizations operating in EU or processing data of the EU individuals member states by requiring companies to work with a supervisory authority for cross-border data protection issues.