GDPR | tawk.to

What is GDPR (General Data Protection Regulation)?

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It creates consistent data protection rules across Europe and applies to companies who are based in the EU and global companies who process personal data about individuals in the EU. The regulation comes into effect on the 25th May 2018.

How does GDPR affect you?

If you process personal data of any person in the EU, GDPR will apply to you regardless of whether you’re based in the EU or not. Besides strengthening and standardizing user data privacy across the EU nations, it will require new or additional obligations on all organizations that handle EU citizens’ personal data, regardless of where the organizations themselves are located.

You can read the full General Data Protection Regulation here.

GDPR’s concept of ‘Personal Data’ is explained in this article.

How is tawk.to preparing for GDPR?

We take the security of your data very seriously here at tawk.to. Protecting our customers’ information and their users’ privacy is extremely important to us. We are dedicated to assisting our users to help them understand and prepare for GDPR.

These are the measures we’re taking to ensure that tawk.to and all our users meet GDPR requirements:

Policies updates

We are currently updating our Privacy Policy, Terms of Service and Cookie policy to adhere to GDPR and to ensure we are transparent with what we do with your data and the data we allow you to gather from your users. In the coming weeks we will notify you about the updates to our policies.

We have submitted our self-certification for the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks that were designed by the U.S. Department of Commerce and the European Commission and Swiss Administration to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union and Switzerland to the United States in support of transatlantic commerce.

Tawk.to is also registered with the Information Commissioner’s Office (ICO) in the United Kingdom.

Tools and features to help you comply with GDPR

As a data processor, we are releasing features and tools that will help you comply with data requests from your users.

– Ability for agent to delete contacts
– Export tickets and chats by agents for visitor
– Property settings for disabling IP recording of visitor IP
– Data privacy consent form from visitor widget

Tools and features to help us comply with GDPR:

– Automated agent account deletion
– Data export tool

Data Processing Agreement with our Sub-processors

We’re in the process of reviewing and entering into Data Processing Agreements (DPA) with our vendors to ensure your data and the data of your users is protected – here is a list of sub-processors.

Data security

We take security seriously here at tawk.to, and it has been our focus from day one. As part of GDPR compliance we will review our security measures and responses.

We guarantee to meet all the requirements of the General Data Protection Regulation by the 25th of May 2018.