Is Userlike GDPR compliant?

Userlike takes data protection and privacy very seriously and has implemented all necessary measures that the GDPR entails.

Deletion of data

During a chat, personal data is sometimes generated. These are stored with the chat transcript. Transcripts are deleted, at the latest, after deleting your Userlike account. However, you can also delete individual transcripts beforehand or delete all transcripts automatically after a period of time. You define this period yourself in your Userlike account after which the automatic deletion takes place. 

Service providers/subcontractors
We have concluded GDPR-compliant data processing agreements (DPA) with the service providers we use to process personal data. In addition, we check the service providers we use for their GDPR compliance and strive for long-term partnerships with them. For example, we have been working together with our service provider, Hetzner Online GmbH from Germany, in a trusting relationship for years. Should there ever be a change to our service providers or a new assignment, we assure you that the issue of data protection will be at the forefront of the selection process.

Processing of personal data
Personal chat data of your end users is processed in Germany (locations: Falkenstein, Nuremberg) by our service provider Hetzner Online GmbH. Compliance with all data protection requirements is regularly confirmed by independent auditors.

The delivery of our content is handled by our content delivery network service provider AWS. When using the CDN to deliver technical components (such as DNS, website images, JavaScript code or stylesheet files), only the following personal data is processed by AWS and deleted after 24 hours:

  • IP address
  • Browser
  • Operating system
  • Timestamp
  • Encryption algorithm
  • Encryption protocol

All other services beyond these core functions are optional - depending on customer settings and the subscribed package. If these services are not activated, or if they are not included in the package, no data is processed via these providers.

User rights
In your Userlike account you can assign user rights and thus define which operator has which permissions. For example, you can restrict the access rights for some operators so that they can only chat, while giving access to the configuration and analytics area to others. User permissions can be customized in the role editor.

Training of employees
There are regular internal training sessions for Userlike employees. During these sessions, employees are informed about the requirements of the GDPR. Employees from the Sales and Customer Success departments in particular are trained intensively in order to be able to answer customers' inquiries correctly.

Documentation
Userlike's internal Wiki system has been expanded to include various process descriptions to ensure that the data protection processes are implemented and documented in a meaningful way. This ensures that inquiries from data protection supervisory authorities or end users can be answered promptly.

Contact details of the data protection officer of Userlike UG (haftungsbeschränkt)
Dr. Jochen Notholt
Lindwurmstr. 10
80337 Munich

E-mail: privacy@userlike.com

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.