GDPR compliance is demanded of all businesses handling EU citizens' data by 25 May 2018. For companies across every industry, the paradigm of data privacy has changed fundamentally. Under GDPR, companies must follow uniform rules on how personal data is processed or face severe penalties.
These changes extend into live chat software. Every company using chat technology as a communication channel must prepare to adapt their dealings with consumer data – which can be a daunting procedure.
To help, we’ve compiled an actionable checklist for live chat customers. Tick off these six straightforward steps to start your journey to GDPR compliance.
1. Raise internal awareness
The first step is as obvious as it is important. You’ll need to get the right teams involved to ensure GDPR compliance when using live chat software – from marketing to IT to customer service. So, get the GDPR conversations started and make sure the right people are aware of its implications.
It’s also worthwhile to speak to your live chat provider at this early stage. Find out what options they can offer to help you with GDPR compliance, such as encryptions, installable deployments or secure EU cloud hosting. The earlier you prepare, the better placed you’ll be.
2. Audit your live chat usage
Start documenting the data that flows through your chat channel. It’s important to detail all possible touchpoints, including how, where and why you obtain data, how you hold it, who you share it with, and how you store it.
Bear in mind that live chat doesn’t begin and end with a chat session. Doubtless, you’ll also be using the software for tracking and web analytics purposes, as well as for populating a CRM or database. All this involves a stream of consumer data, and it will need documenting at every stage.
4. Allow consumers to take affirmative action
Consumer consent is a cornerstone of GDPR compliance. Under the new regulations, consent must be freely given, specific, informed and unambiguous in order to meet GDPR requirements. Web visitors and chat users, then, must be able to take affirmative action to signify permission.
5. Commit to transparency
Live chat software is all about clear, upfront communication. Fortunately, that’s also a key aspect of GDPR compliance. You need to be clear, frank, and comprehensible in your communications with consumers regarding their data.
So, tell users what data you need, and why you need it. Let them know where it is stored. Give them an easy way to change their mind and opt-out at any time. In short, respect the consumer’s rights, and don’t withhold information.
6. Ensure your data is stored securely
You acquire constant data through live chat software. It’s your duty to store that data safely and legally. If you use cloud-based live chat software, be sure that your cloud provider is based in an EU-approved country, with high-security data centres.
If you use an installable live chat solution, you must take internal security measures. This can include – but is not limited to – passwords protection, firewalls, and encryption. Remember: you must take satisfactory security steps to ensure the confidentiality, integrity, availability and resilience of processing systems and services.
While you’re completing this checklist, remember that GDPR compliance is an opportunity, not an onus. With open, consensual procedures in place, you can benefit from a better quality of data from more informed, invested users.