Privacy readiness

GDPR support for live chat data.

MyLiveChat gives customers the contract language, dashboard controls, data-rights workflows, and security measures needed to operate a GDPR-aware live chat and AI support program.

Last updated: July 1, 2026 · Operated by Richscripts Inc., an Ontario, Canada corporation.

GDPR support
What GDPR requires

The EU General Data Protection Regulation

The GDPR (Regulation (EU) 2016/679) has applied since 25 May 2018. It can apply to organizations inside or outside the EU when they process personal data in the context of EU activity, offer goods or services to people in the EU, or monitor behavior that takes place in the EU.

For controller-processor relationships, GDPR Article 28 requires a binding data processing contract that describes the processing and includes processor obligations such as documented instructions, confidentiality, security, sub-processor controls, data-subject assistance, return/deletion, and audit support. MyLiveChat's Data Processing Agreement is structured around those requirements.

Disclaimer: This page is informational and is not legal advice. Work with a qualified professional to confirm your own business complies with GDPR.

Who GDPR applies to

If your website serves EU visitors, collects chat details from them, or uses visitor monitoring to understand their activity, your privacy program should account for GDPR. MyLiveChat generally acts as your processor for visitor and transcript data you collect through the service.

Primary references: official GDPR text on EUR-Lex and the ICO's controller/processor contract guidance.

How MyLiveChat supports your compliance

  • Data Processing Agreement with Article 28-style processor terms
  • Privacy Policy, in-chat notice settings, and configurable visitor-storage controls
  • Export and deletion paths for visitor, transcript, and account data requests
  • Sub-processor list and change-notification contact on the Trust & Security page
  • Security controls for transport encryption, access control, backups, incident response, and audit support
  • No sale of customer conversations or visitor data
Article 28 coverage

What our DPA covers

Processing details

Subject matter, duration, nature, purpose, data categories, data-subject categories, and customer rights.

Documented instructions

MyLiveChat processes Customer Personal Data only for the service or accepted customer instructions.

Confidentiality and security

Personnel confidentiality, access control, encryption, backups, monitoring, and incident response.

Sub-processors

General authorization, change notice, objection path, and written downstream obligations.

Data rights assistance

Reasonable assistance for access, export, deletion, correction, and restriction requests.

Return, deletion, and audit

Export/deletion workflow, backup lifecycle, compliance documentation, and audit support.

Customer checklist

What MyLiveChat customers should do

If you have EU visitors or operate in the EU, we recommend:

  1. 1Document why you collect chat data, what fields you collect, and how long you retain it.
  2. 2Update your privacy notice and cookie/consent flow to explain how MyLiveChat is used on your website.
  3. 3Configure visitor storage, privacy-notice text, and collection settings in the dashboard to match your legal basis and consent model.
  4. 4Review and keep a copy of our Data Processing Agreement, then contact us if procurement needs a signed copy.
Free forever for 1 agent

Give every visitor an instant way to reach you.

Launch live chat, connect your knowledge base, and add AI answers when you are ready. No credit card, no trial clock.