In this article I look at 15 Live Chat applications and report their readiness for the GDPR. My report is based on information supplied by the provider. The content in this article is created for informational purposes only. I do not intend to provide legal or professional advice.
For each application I looked at, I attempted to find out the following:
- Has the vendor published a plan stating how they are preparing for GDPR?
- Are customers' rights under the GDPR covered by application features or processes? These rights include the right to erasure (aka the 'right to be forgotten'), the right to rectification and the right of access.
- Has the vendor updated their Data Processing Agreements (DPAs) for GDPR?
- Has the vendor appointed a Data Protection Officer?
- Where data is stored outside the EU, has the vendor self-certified under the Privacy Shield programme?
- Does the vendor meet industry standards for security, such as SOC 2, ISO 27001 or CSA?