This Measure constitutes a policy governing the applicable safety measures concerning all products provided by LiveChat, Inc., namely:
Some safety measures may be conditional upon particular product characteristics. Such a distinction in security measures shall be always indicated.
Data transmission and storage security are imperative in the modern enterprise. That’s why we have taken all measures to keep all information appropriately protected. We use IBM data centers located in various locations such as Texas, USA; Frankfurt or Ireland, Europe (but the availability of European hosting centers is related to our specific products). They are behind several security clearances, and there’s always a security guard on duty in data storage centers. Services provided to us by IBM comply with the SSAE16 standard. Our staff is granted access only in their respective fields and day to day work. They are also required to maintain confidentiality after departure from the company. Our developers treat stored data of customers with the highest level of security and care. Each piece of customer data is treated as personal and in need of standardized protection. We have employed security policies that ensure the safety of the data storage and transmission. There is no expiration date on the stored data. The data will remain on our servers even if a client does not extend his or her license. If you’d like to retrieve chats that you had with our support team, you can contact us via email@example.com (or via support e-mail of the Service you use), asking to retrieve all the data that we gathered at LiveChat and other products belonging to LiveChat Inc. Furthermore, when accessing the LiveChat product, you are communicating through Akamai, our Content Delivery Network provider. During this communication, you negotiate through which encryption algorithm will you be routed, before the application protocol transmits or receives its first bytes of data.
To make sure your firewall is not blocking any LiveChat, ChatBot, HelpDesk or KnowledgeBase requests, please add the following domains to your firewall’s exception list *.livechat.com, *.livechatinc.com, *.livechat-static.com, *.helpdesk.com, *.helpdesk-static.com. *.chatbot.com. Our CDN and anti-DDoS infrastructure is built on tens of thousands edge servers, so we cannot provide a list of all IP addresses on our Network. Note that a firewall with an IP ACL policy has the additional disadvantage that access control based solely on IP addresses is prone to error due to attacks like spoofing, DNS cache poisoning, and BGP hijacking. We recommend that network administrators using IP ACLs for web traffic employ a simple proxy server that filters traffic based on a domain name, for example: *.livechatinc.com in the HTTP request, rather than by the IP address of the remote server.
We give you the possibility to send and receive Webhooks that can carry various information, like additional details about your customers, gathered from your database. To make sure that you know whether the Webhook was sent by LiveChat, ChatBot or by a different provider, our Webhooks identify themselves with the use of the following header: User-Agent: LiveChat webhook/1.0 and chatbot/1.0. If you’d like to learn more about Webhooks for LiveChat, click here.
Our Products comply with the following information related security and monitoring procedures:
Physical security ensured by data centers and hosting provided to and by our Products meet the following requirements:
Our Products support technical controls to provide protection to its network, systems, and applications:
To ensure the protection of confidentiality, integrity, and availability of customer data, all of our Products meet the following usage criteria: