The General Data Protection Regulation (GDPR) is the result of four years work by the European Union to unify and strengthen data protection for all citizens in the EU.
GDPR gives you more control over how your data is used, while to us, it will be a simple legal environment where we can operate. That makes this change desirable for both parties!
The new regulation will come into effect on the 25th May 2018 and we are glad to report that LiveChat has now fulfilled all the required regulations to become fully GDPR compliant.
GDPR regulates the processing of personal data in the European Union (its collection, storage, transfer or use). Under the GDPR, the concept of “personal data” is broad and covers any person-related information that can be used to identify them.
The important thing is that GDPR applies to every organization that processes personal data of the EU citizens, even if it’s located outside of the EU. Now, every company is obliged to maximize its security in order to prevent data violation and protect you from data leakage.Learn more about GDPR
Maximum data security has always been the top priority in LiveChat. Privacy Shield and new data centers are just examples the improvements we continually introduce; compliance with GDPR is just another step towards better data protection.
We have always aimed to be fully compliant with international law and privacy regulations. For that reason, we have started working on GDPR regulations in July 2017, nearly a year before the deadline. We were in touch with attorneys and data protection specialists to implement all the changes.
We have improved anonymity and pseudonymization of the data within our analytics tools, and we constantly making changes so you could have a better control over your data. We want to give you tools that will allow you to decide to what extent you disclose your data or to what extent you process data of your customers.
Thorough analysis of areas inside the company that are affected by GDPR
Preparation of a strategy for implementation of the technological GDPR regulations to each service we provide
Preparation of a strategy for implementation of the legal GDPR regulation in our internal and external procedures
Making changes to the Pre-chat survey feature, giving our customers option to include the data protection consents and clauses required before a chat
Preparation of Data Processing Agreement
Making necessary product and feature changes to help our customers become GDPR compliant, complimented with a product guide showing our customers how to adjust LiveChat for GDPR and that will help them better control their (and their customers') data
Implementation of required changes to our internal processes and procedures
Updates in company’s documentation according to GDPR requirements
Appointing a Data Protection Officer
Comprehensively testing all changes to verify the compliance with GDPR
Communicating full compliance to customers
If your company is based in the EU or your customers are EU citizens, there are few things that might be important for you.
2. If you are located in the EU or your country's law requires it from you, you can sign a Data Processing Agreement with us. To do that, write us an email at email@example.com and we will provide you with a DPA that you'll be able to both review and sign.
GDPR grants expanded rights for individuals in the European Union by allowing them, amongst other, the right to be forgotten and the right to request a copy of any personal data stored in their database.
GDPR requires organizations to implement appropriate security policies, keep records on data activities, and enter into written agreements with vendors to make sure that data is protected.
GDPR requires organizations to report certain data breaches to data protection authorities and, under certain circumstances, to the affected data subjects.
GDPR impose additional obligations on organizations engaged in profiling or monitoring behavior of EU individuals.
GDPR provides a central point of enforcement for organizations operating in EU or processing data of the EU individuals member states by requiring companies to work with a supervisory authority for cross-border data protection issues.