The General Data Protection Regulation (GDPR) is the result of four years work by the European Union to unify and strengthen data protection for all citizens in the EU.
GDPR gives you more control over how your data is used, while to us, it will be a simple legal environment where we can operate. That makes this change desirable for both parties!
The new regulation will come into effect on the 25th May 2018 and we are working on changes within our company’s products, procedures, and policies to be in line with GDPR by this date.
GDPR regulates the processing of personal data in the European Union (its collection, storage, transfer or use). Under the GDPR, the concept of “personal data” is broad and covers any person-related information that can be used to identify them.
The important thing is that GDPR applies to every organization that processes personal data of the EU citizens, even if it’s located outside of the EU. Now, every company is obliged to maximize its security in order to prevent data violation and protect you from data leakage.Learn more about GDPR
Maximum data security has always been the top priority in LiveChat. Privacy Shield and new data centers are just examples the improvements we continually introduce; compliance with GDPR is just another step towards better data protection.
We have always aimed to be fully compliant with international law and privacy regulations. For that reason, we have started working on GDPR regulations in July 2017, nearly a year before the deadline. We are in touch with attorneys and data protection specialists to implement all the changes.
We are improving anonymity and pseudonymization of the data within our analytics tools, and we are making the changes so you could have a better control over your data. We want to give you tools that will allow you to decide to what extent you disclose your data or to what extent you process data of your customers.
We will be doing some more changes in the area of privacy in the months to come - but we have already accomplished a lot.
Thorough analysis of areas inside the company that are affected by GDPR
Preparation of a strategy for implementation of the technological GDPR regulations to each service we provide
Preparation of a strategy for implementation of the legal GDPR regulation in our internal and external procedures
Making changes to the Pre-chat survey feature, giving our customers option to include the data protection consents and clauses required before a chat
Implementation of required changes to our internal processes and procedures
Making necessary product and feature changes to help our customers become GDPR compliant, providing them with instructions on how to better control their (and their customers') data
Updates in company’s documentation according to GDPR requirements
Appointing a Data Protection Officer
Comprehensively testing all changes to verify the compliance with GDPR
Communicating full compliance to customers
To be announced
If your company is based in the EU or your customers are EU citizens, there are few things that might be important for you.
2. If you are located in the EU or your country’s law requires it from you, you can sign a Data Processing Agreement with us. Currently, we are working on updating our Data Processing Agreement but as soon as it is done, it will be available for you to sign it.
GDPR grants expanded rights for individuals in the European Union by allowing them, amongst other, the right to be forgotten and the right to request a copy of any personal data stored in their database.
GDPR requires organizations to implement appropriate security policies, keep records on data activities, and enter into written agreements with vendors to make sure that data is protected.
GDPR requires organizations to report certain data breaches to data protection authorities and, under certain circumstances, to the affected data subjects.
GDPR impose additional obligations on organizations engaged in profiling or monitoring behavior of EU individuals.
GDPR provides a central point of enforcement for organizations operating in EU or processing data of the EU individuals member states by requiring companies to work with a supervisory authority for cross-border data protection issues.