The General Data Protection Regulation (GDPR) is the result of four years work by the European Union to unify and strengthen data protection for all citizens in the EU.
GDPR gives you more control over how your data is used, while to us, it is a simple legal environment where we can operate. That makes this change desirable for both parties!
The new regulation came into effect on the 25th May 2018 and we are glad to report that LiveChat has now fulfilled all the required regulations to become fully GDPR compliant.
GDPR regulates the processing of personal data in the European Union (its collection, storage, transfer or use). Under the GDPR, the concept of “personal data” is broad and covers any person-related information that can be used to identify them.
The important thing is that GDPR applies to every organization that processes personal data of the EU citizens, even if it’s located outside of the EU. Now, every company is obliged to maximize its security in order to prevent data violation and protect you from data leakage.Learn more about GDPR
Maximum data security has always been the top priority in LiveChat. The new data center is just an example of the improvements we continually introduce; compliance with GDPR is just another step towards better data protection. What is more, we have implemented Standard Contractual Clauses in relation to our Processors to ensure quality-based data transfer.
We have always aimed to be fully compliant with international law and privacy regulations. For that reason, we have started working on GDPR regulations in July 2017, nearly a year before the deadline. We were in touch with attorneys and data protection specialists to implement all the changes.
We have improved anonymity and pseudonymization of the data within our analytics tools, and we constantly making changes so you could have a better control over your data. We want to give you tools that will allow you to decide to what extent you disclose your data or to what extent you process data of your customers.
Thorough analysis of areas inside the company that are affected by GDPR
Preparation of a strategy for implementation of the technological GDPR regulations to each service we provide
Preparation of a strategy for implementation of the legal GDPR regulation in our internal and external procedures
Making changes to the Pre-chat survey feature, giving our customers option to include the data protection consents and clauses required before a chat
Preparation of Data Processing Agreement
Making necessary product and feature changes to help our customers become GDPR compliant, complimented with a product guide showing our customers how to adjust LiveChat for GDPR and that will help them better control their (and their customers') data
Implementation of required changes to our internal processes and procedures
Updates in company’s documentation according to GDPR requirements
Appointing a Data Protection Officer
Comprehensively testing all changes to verify the compliance with GDPR
Communicating full compliance to customers
If your company is based in the EU or your customers are EU citizens, there are few things that might be important for you.
2. Regardless of being a data controller or a data processor, when you transfer EU/EEA or California’s citizens personal data to us (and you do so while using our Services) we have prepared a Data Processing Addendum incorporated by reference to the Agreement, so you don’t have to take any further action. Our Data Processing Addendum incluses updated SCCs, as approved by the European Commission in June 2021, that comply with the newest recommendations of the European Commission and are relevant for your use of LiveChat as a data processor if you’re based in the EU/EEA or California.
If you have any questions about its contents you can email: email@example.com.
GDPR grants expanded rights for individuals in the European Union by allowing them, amongst other, the right to be forgotten and the right to request a copy of any personal data stored in their database.
GDPR requires organizations to implement appropriate security policies, keep records on data activities, and enter into written agreements with vendors to make sure that data is protected.
GDPR requires organizations to report certain data breaches to data protection authorities and, under certain circumstances, to the affected data subjects.
GDPR impose additional obligations on organizations engaged in profiling or monitoring behavior of EU individuals.
GDPR provides a central point of enforcement for organizations operating in EU or processing data of the EU individuals member states by requiring companies to work with a supervisory authority for cross-border data protection issues.