What is GDPR (General Data Protection Regulation)?
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It creates consistent data protection rules across Europe and applies to companies who are based in the EU and global companies who process personal data about individuals in the EU. The regulation came into effect on the 25th May 2018.
How does GDPR affect you?
If you process personal data of any person in the EU, GDPR will apply to you regardless of whether you’re based in the EU or not. Besides strengthening and standardizing user data privacy across the EU nations, it will require new or additional obligations on all organizations that handle EU citizens’ personal data, regardless of where the organizations themselves are located.
You can read the full General Data Protection Regulation here.
GDPR’s concept of ‘Personal Data’ is explained in this article.
How is tawk.to compliant with GDPR?
We take the security of your data very seriously here at tawk.to. Protecting our customers’ information and their users’ privacy is extremely important to us. We are dedicated to assisting our users to help them remain compliant with GDPR.
These are the measures we’re have taken to ensure that tawk.to and all our users meet GDPR requirements:
We have submitted our self-certification for the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks that were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.
Tawk.to is also registered with the Information Commissioner’s Office (ICO) in the United Kingdom.
We may also process personal data our customers submit relating to individuals in the EEA via other compliance mechanisms, including data processing agreements based on the EU standard contractual clauses. A request for the tawk.to Standard Contractual Clause can be found here.
Tools and features to help you comply with GDPR
As a data processor, we have released features and tools that will help you comply with data requests from your users.
– Ability for agent to delete contacts
– Export tickets and chats by agents for visitor
– Property settings for disabling IP recording of visitor IP
– Data privacy consent form from visitor widget
Tools and features to help us comply with GDPR:
– Automated agent account deletion
– Data export tool
Data Processing Agreement with our Sub-processors
We have entered into Data Processing Agreements (DPA) with our vendors to ensure your data and the data of your users is protected – here is a list of sub-processors.
We take security seriously here at tawk.to, and it has been our focus from day one. As part of GDPR compliance we continue to review our security measures and responses on an ongoing basis to remain compliant.