Home > GDPR Recommended practices
Categories: Featured Article
(Last Updated On: )
About This Article
This article explains GDPR Recommended practices.
There’s a lot of information in regards to GDPR out there as this topic is very complex, and it is different for each of our clients. Your company has most likely done extensive research, and perhaps been in touch with legal advisors, on how to handle SnapEngage data and when to delete it.
The following advice should not be taken as the definitive answer on GDPR and we would still advise you to consult with a lawyer or a legal team, as each company needs to know what to do, but it may give you a better understanding on how we are complying with GDPR.
Ask for consent
You can add a checkbox and add your privacy policy onto it using the Design Studio on a pre-chat and an offline form. Asking for consent is one of the key objectives of this new regulation. What’s important is to be really transparent with the visitor. You should tell them where the data is going (sharing the address of your company for example). They also need to understand if your agents are in a different country, or what you are doing with the data they are giving you. We recommend that you put your whole privacy policy on the verbiage rather than behind a link. Making the checkbox required will stop the visitor from starting a chat unless consent is given.
Know the legal basis
Know the legal basis for the data retention, and decide how long you should keep the data for. This may be complicated, and there may be conflicting information, where GDPR asks you that you delete your data after you no longer need it, but you may have other needs in order to comply with accounting or medical requirements as well. We help you with our retention and deletion tools. With these tools, you can choose how long to keep the data for. Everything prior to that will be deleted, but we also offer you the option to delete data on demand, for when visitors request you delete their data. You can search for their data by email, on the logs section, and delete it.
Channels
If you are using communication channels other than web, you also need to determine with them whether they are being compliant or not, and how they are using the data.
Integrations
SnapEngage has some great integrations, which allow you to choose where to send the transcripts once a chat has ended. SnapEngage is processing your visitor’s data on your behalf, and passing it to the destination of your choice, but you need to decide which integration we are passing their data to, which is another data processor, and they also need to be GDPR compliant.
Sneak peek
Sneak peek is a great feature that, if enabled, allows you to see what the visitor is typing, which is great for faster responses, however, you need to understand, that you may not be GDPR compliant when using this feature unless you are very transparent on the privacy policy when the visitor accepts to start the chat. What we recommend here is to ask for explicit consent and explain this feature is on, or turn it off completely from the options tab.
What about proactive chat?
For proactive chats, or manual chats that don’t have a pre-chat form, we recommend using the Approval checker. With the approval checker, you will require your visitors to accept the privacy policy before starting a chat.
Published May 24, 2018