ChatBot Legal

The Agreement

In this section, you will find all the documents that are binding when you use our main services as a customer. If you have questions about the rules on which we provide you with the services, want to know how we handle your data, or have inquiries about intellectual property, check the documents below.

Frequenty Asked Questions

By creating an account, you are accepting the Terms of Use, Privacy Policy, and Data Processing Addendum, which constitute a contract between us (called as the “Agreement”). By clicking the “Create account” button (or a similar button or checkbox that confirms you agree, accept or jus sign up for the services) you are accepting the Terms of Use, the Privacy Policy, the Data Processing Addendum, and the Order Form (if it applies to you).

No, you don’t need to sign the Agreement to make it binding, but the usage of our service is subject to the current version of the Agreement posted on our websites. In some cases, when you are interested in the Enterprise plan (see our Pricing), we may prepare a dedicated Order Form for you that specifies mutually agreed-upon rates for specific services and other commercial terms.

From time to time, we may change the provisions of the Agreement. You should remember that the updated version supersedes all prior versions and is effective and binding immediately after posting on the website. We advise you to review it periodically.

The Agreement is effective on the earliest of the day of your sign-up to our services or from the date specified in the Order Form.

In case anything goes wrong, let’s contact us, and we will try to amicably resolve any claims, disputes, disagreements, or other matters. If it doesn’t work, all issues will be governed by the laws of the State of Massachusetts, United States of America.

You must be at least sixteen (16) years of age to be able to register and access our service. We do not knowingly provide services to anyone under sixteen (16). If it comes to our knowledge that a person under the abovementioned age is accessing or using the services, with no liability whatsoever towards such a person, we will prohibit and block such an account without any prior notice.

Privacy

Here you can find all the documents referring to how we process personal data including the GDPR-related requirements. In this section, you can find details on how we collect, transfer, and further use personal information.

Frequenty Asked Questions

Services are provided and your personal data are processed by LiveChat, Inc. (101 Arch Street, 8th Floor, Boston MA 02110, United States of America). You can contact us via chat or at support@livechat.com (or via support email of the Service you use). LiveChat, Inc. is a data processor since we do not determine the purposes of your (including your customers/users/visitors data) data processing. It is you who decide to use our software, thus, you decide to supply us with the personal data to facilitate communication between you and your customers. We only process the data in order to provide, maintain, and improve our Services as well as to secure yours and our potential claims. In some exceptional cases LiveChat, Inc. may also act as a data controller. It is explained fully in our Privacy Policy.

While registering for one of the services, we request you to provide us with such information as the first name, last name, company business name, address, website address, and email address. This is the basic data of yours that we process and store. We also store the data (including personal data) you and/or your customers insert into the services or other data you ask your customers for via the service you use (i.e. in a pre-chat survey). You can find a full description of the data processing in our Privacy Policy.

Firstly, you need to figure out if you process or provide the personal data of EU citizens. If you process the personal data of European citizens, you must comply with this regulation. You or your company (organization) may act as a data controller. It happens when you are a natural or legal person, public authority, agency, or other body, and you, alone or jointly with others, determine the purposes and means of the processing of personal data. You may also act as a data processor. It happens when – as a natural or legal person, public authority, agency, or other bodies – you process personal data on behalf of the data controller. Simply, when you do not determine the purposes of the processing but use data according to the controllers’ instructions.

We do not sign the DPA as a separate agreement anymore - the DPA is already an integral part of the Agreement, meaning it does not require a separate signature. The reason why we have included the DPA in the Agreement is the need to simplify the work and “keep it simple.”

We store and process the personal data of your customers or users within your connection while using our services. We especially store data provided in the pre-chat survey, chat content, and ticket content. Thus, if you collect your customer or users’ personal data and transfer them to us, you may need to gain their consent and notify them you use our services. You can find the instructions on how to customize your pre-chat survey to comply with this rule here - Prepare your chat for GDPR. If you wish and if they meet your company’s requirements, you can use one of (or more than one) the clauses we have prepared for you. The clauses can be found here - Chat Survey.

You can find more information about sub-processing rules in our DPA and check which sub-processors have access to the personal data of your customers/users/visitors under the following list.

Data Protection Officer is Maciej Malesa LiveChat, Inc. 101 Arch Street, 8th Floor, Boston, MA 02110, United States of America, support@livechat.com

We use cookies to provide you with the best software service possible. Cookies are pieces of information sent by the server, and stored on a user’s computer for the purpose of automatic identification of a particular user when using our Services or browsing the website and are used while using our services or browsing any websites where our services are installed. You can simply delete cookies from your browser anytime. Go to our Privacy Policy to get more info.

Services are provided, and your personal data are processed by LiveChat, Inc. (101 Arch Street, 8th Floor, Boston, MA 02110, United States of America). You can contact us via chat or at support@livechat.com (or via a support email). We act as a data processor since we do not determine the purposes of your (including your customer’s or users’ data) data processing. It is you who decide how to use our software. Thus, you will supply us with personal data to facilitate communication between you and your customers. We only process the data in order to provide, maintain, and improve our services as well as to secure yours and our potential claims. In some exceptional cases, we may also act as a data controller. It is explained fully in our Privacy Policy.

The basis for your personal data processing by LiveChat, Inc. is an agreement between you and us concluded when you sign up for the service (create an account). Remember that for the duration of your subscription to our services, you must have a legal basis to collect, process, and transfer any personal data to our Services in order to provide the services to you. “The Agreement” is constituted by “Terms of Use,” “Privacy Policy,” and “DPA”. This is why separate consent for your data processing by LiveChat, Inc. is not required. However, you may need to gain consent for data processing and transferring from your customer’s or your users. It depends if you collect your customer’s or user’s data, and what your data processing basis is. To help you comply with the e.g. GDPR requirements, we have created a simple and free Privacy Policy Generator that helps you gain such consent. If it’s required by law, you may need to at least notify your customers about using our services and transferring data to us.

Yes, we have. Regardless of being a data controller or a data processor, when you transfer EU/EEA or UK or California citizen’s personal data to us (and you do so while using our Services), we have prepared a Data Processing Addendum incorporated by reference to the Agreement, so you don’t have to take any further action. Our Data Processing Addendum includes updated SCCs, as approved by the European Commission in June 2021, that comply with the newest recommendations of the European Commission and are relevant for your use us as a data processor if you’re based in the EU/EEA or California.

We store and process the personal data of our customers and people permitted by our client to use and operate the services for or on behalf of them while using our services. We store such data as first name, last name, email address, IP number, browser information, operating system, geolocation, payment/credit card details (and other information listed in our Privacy Policy.). We process these data only for purposes listed in the Agreement. We do not sell your data. We also store the data you and your customers inserted into our services. It allows you to have constant access to the history of your conversations and other content. You can freely decide whether you want to delete your data and content permanently from a system. If you wish to remove the data, just send us a request at support@livechat.com, and we will delete the requested data within 30 days.

To make our services work properly, we use other third-party services. We do so to maintain our services, improve our tools, and enable and simplify their usage. If there is a necessity to give sub-processors access to a part of your data, firstly, they will gain only the necessary data enabling them to provide us with their services. Secondly, we enter into a separate agreement to make sure our sub-processors have at least the same level of protection as we do. Please note some of our sub-processors process their data outside the EU.

We are committed to complying with GDPR and accordingly to transferring personal data lawfully and with an adequate security level. This is why we work only with inspected third-party service providers. We have verified all the sub-processors we currently cooperate with. Besides the ‘location requirement’ (we cooperate mostly with companies from the EU or the US), every time before we start cooperation with a new sub-processor, we make sure it is GDPR compliant (if applicable). We also enter into agreements with our sub-processors that guarantee adequate obligations due to data protection. Only if we are sure your data will be transferred and stored securely, will we work with the provider and, if needed, apply additional measures (i.e., Standard Contractual Clauses) to transfer data in line with the GDPR.

When personal data is hosted or processed outside of the European Economic Area and the UK, GDPR requires that it remains protected by appropriate safeguards in line with EU law. LiveChat, Inc. meets these requirements by implementing the appropriate safeguards required by the GDPR. Please go to International Data Transfer to get more information.

Security

Questions about security? You are in the right place. Here you will learn where we store data, where our servers are located, how we provide security as well as to whom and in what circumstances we can share data.

Frequenty Asked Questions

As a company offering its services in SaaS model we are aware that the security of our customers and their data is crucial. We treat security as a basic aspect of our business. We know that it is a matter of trust. Currently, we made sure our safeguards comply with the regulation and adjusted some new ones if necessary. More information about our technical and security measures you may find in Exhibit B of the Data Processing Agreement

Running an external audit, fixing all found vulnerabilities, testing the implemented fix, and iterating this procedure until the issue is fixed and periodic systems scanning with tools for automatic issue recognition.

We have a DR plan; each part of the system can be restored within 24 to 48 hours (considering a complete disaster). Moreover, each instance of the whole infrastructure is multiplied, so losing a single instance will not cause the service to degrade. Provided time refers to the flood scale of the disaster.

Yes, we do have DDoS protection provided by Akamai.

Yes, we have breach detection, investigation, and internal reporting procedure in place. In case of any management incident, we are ready to react immediately to protect your data from unjustified disclosure or any other infringement.

Please contact us promptly via support@livechat.com or chat with us on our website.

You can ask us for a copy of your data. For example, it is possible to download a copy of the data in JSON and to do that, please refer to Prepare your chat for GDPR! | LiveChat Help Center to check how you can get your data.

The application is multi-tenant, so the data for each license is accessible only to accounts assigned to the license; the person that wants access to license data, needs a corresponding login and password. This is the basic logic behind the whole application infrastructure, and it’s not possible to access other users’ data, as the access request without needed credentials will be considered an unauthorized call and denied. Also, one set of credentials (login + password) can be used for one license only.

Guidelines and Policies

Here you can find more information about our company standards, values, and general recommendations about how to use our services.