Enabling Web Chat GDPR statement (as of 3/20)
- The following elements of EU resident data may be present in the system:
- Display name entered by webchat visitor, and any other data entered into the chat request form via your custom questions.
- Chat Log: timestamp of when chat request was received and which agent group the request was for.
- Personally identifiable may be present in:
- All customer data is keyed back to a unique ID per-customer, allowing for pulling customer-specific data for audit.
- Access to the database is locked down to only the server-side server components.
- No customer has direct access to query or view data from the database.
- Access to view archived chat request and/or conversation text data for your account is only available via the webchat online dashboard.
- This online dashboard is secured using Microsoft identity framework user accounts/passwords. Only webchat users with webchat account admin security permission are able to view the reporting tab/data in the dashboard.
- Chat log archives: Conversation text is not archived in the database by default. You can optionally enable conversation text archiving via the Webchat online dashboard.
- Conversation text is currently stored in sql as plain-text.
We plan to have the following in place by May 25.
- Encryption at rest for any customer-data in the database (including conversation text and answer data)
Ability for orgs to pull their own customer records from the system for audit