We also focus on data protection when hosting. All personal data is encrypted and stored on servers in Germany. Here you will find some tips on how to deal with the topic: Operating ChatBot in a DSGVO data protection compliant manner.
Personal data - what needs to be considered
With the entry into force of the General Data Protection Regulation(GDPR) on 25 May 2018, the handling of personal data has been tightened. If you use a ChatBot or Live Chat on your website, this data is also subject to data protection. Therefore, the use of a German ChatBot is expressly recommended, as otherwise the data storage usually takes place abroad.
Privacy and data protection
ChatBot4You chat does not collect any personal data during an ordinary conversation. Only data that the customer explicitly provides is transmitted. If you request personal data from the customer for further processing with the integrated ChatBot in the course of a conversation, the customer can issue a consent dialogue for the collection of personal data directly before the request for data. The customer's consent is recorded. If the customer denies consent, the ChatBot cancels the questioning.
Data subjects' rights
ChatBot and data protection
In order to be able to operate a ChatBot in compliance with the GDPR, the following points must be particularly observed:
Collect / use personal data
The same DSGVO regulations apply here as on your website.
Basically, the ChatBot of ChatBot4You can be used completely anonymously. No personal data is collected via the chat on the website, unless you ask the user to provide such data. Via the chat in Facebook Messenger, the name, profile picture and mail address of the user are collected and stored.
Right to be forgotten / data access
Every user has the right to inspect the data that a company stores about them, to change this data or to delete it. According to DSGVO, every user has the "right to be forgotten". If a user insists on it, you must remove all user data from the database.
Each user can delete the entire chat history via the menu in the chat window of the website itself. You can permanently and completely delete a single chat history including all data at any time.
Before storing personal data, the user must consent to the storage process.
No data is collected via the chat on the website. If you request data such as e-mail address or name, you can use the ChatBot to draw the user's attention to the storage and obtain his or her consent.
With external service providers, you must conclude an order processing contract in accordance with DSGVO.
We provide you with a ready-made contract for commissioned data processing in the customer menu. You can conclude this contract directly with us online.
The GDPR obliges to take technical and organizational measures for data protection.
ChatBot4You stores the data in a German data center. All communication content and customer data is stored and transmitted in encrypted form. The offices are also secured with a biometric access control. Access is only permitted to employees during office hours. Visitors are always escorted. All access devices are password protected.
This does not constitute legal advice, but is only intended to provide a small insight into data protection (DSGVO) in dealing with ChatBots. There is also no guarantee for completeness and correctness. Please talk to your lawyer and data protection officer.