LiveAgent is committed to privacy, security, compliance and transparency. This approach includes supporting our customers’ compliance with EU data protection requirements, including those set out in the General Data Protection Regulation (“GDPR”), which becomes enforceable on May 25, 2018.
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU)
One way in which the personal data of an EU citizen could be collected when using LiveAgent is when you build a database of contacts, their information, and business dealings with them (i.e. a CRM system). Not all customers will be ”data subjects”, as data subjects are only individuals. Some of your customers may be businesses or government organizations, which the GDPR does not apply to.
Yes, everything is set for LiveAgent to be compliant with the GDPR when it becomes enforceable in May 2018.
2-Step Verification adds more security to your LiveAgent account. When you have 2-Factor Authentication enabled, any attempt to log into your account must be accompanied by the code that you generated in Google Authenticator app. 2-Step Verification can help keep unknown people out, even if they have your password.
All LiveAgent hosted accounts run over a secure connection using the HTTPS protocol. Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. It means all communication between your browser and LiveAgent is encrypted, including your chat and email communication.
We follow latest best practices to store and protect user login credentials and passwords in the cloud.
Your LiveAgent Agent panel can be configured to only allow access from specific IP address ranges.
LiveAgent REST API is restricted to accredited users based on username and password or username and API tokens.
LiveAgent has an intelligent built in SPAM filter that learns and improves its filtering capabilities continuously.
LiveAgent provides customers the option to delete Service Data that may contain personal data, such as profiles, tickets, images, and attachments, in active LiveAgent accounts. Within the LiveAgent, Administrators and Agents (collectively described as “Users”) have profiles with hierarchical privileges, as described here.
LiveAgent currently supports the deletion of Agent profile information. Admins and Owner can delete profiles of all Users, including Agents. They can delete Agents in Configuration>Agents>Delete Agent. LiveAgent retains Account Owner information in order to continue to provide its service. When an account is terminated, LiveAgent follows its Data Deletion Policy for remaining profile information.
LiveAgent currently supports the deletion of End-User profile information. Owner, Administrators and Agents can delete End-User profiles. Following this deletion action, the End-User profile is removed from the User Interface and the End-User identity is deleted from the system, along with OAuth Tokens, Sessions and Saved Searches.
Tickets can be permanently deleted.
Customers can delete their profiles from a Customer Portal.