Let us guess — you’re here because you’re not sure if that shiny new web chat service you just installed is legally sound. Or maybe you’re considering adding live chat to your site, but you’re not up to scratch on the relevant laws and regulations.

Not to worry. We’ve got you covered with a few ways you can ensure your live chat is legal.

(Disclaimer: We’re not lawyers. This is, by no means, legal advice or an all-inclusive guide. We’ve simply listed a few general pointers for making your web chat service legal.)

Add a privacy policy

Your web chat window should include an easily accessible link to your privacy policy. Although it might already be available in your footer, it’s a good idea to include it in your live chat widget too.

Granted, most privacy policies are similar to terms and conditions agreements in that few people ever read them. But you’re actually required by law to have one.

A legally sound privacy policy should include, in plain English:

• A summary of what personal data your site collects and how it is stored

• How long you store web chat logs

• How you collect data (through text messages, email, etc.)

• How you use or send data to third parties for marketing purposes

• A right to access and erasure clause that allows users to request and erase their data

• Your company’s address and contact information

This is just the bare minimum. The contents of your privacy policy will vary based on the products and services your company offers.

Companies with site visitors from the European Union (EU) must also ensure their privacy policy and practices comply with the General Data Protection Regulation (GDPR).

HIPAA compliance

If you’re in the medical field, your web chat widget must be compliant with the Health Insurance Portability and Accountability Act (HIPAA). 

These regulations ensure patient privacy while also allowing confidential health information to be passed between “covered entities”.

A few covered entities include healthcare professionals, insurance agencies, legal entities, and accounting firms. Basically, any business that receives or transmits confidential health data to perform services.

A HIPAA compliant live chat service should include, at the very least:

• Enterprise-level encryption

• Identity verification/authentication

Because we service the healthcare industry, ZyraTalk’s web chat platform is fully HIPAA compliant.

Require users to opt in

One of the key requirements in the GDPR law is user consent. Customers and site visitors must opt in, or give the site permission to process and store their personal data.

The same premise applies to your web chat widget if you’re processing personal data, like names, email addresses, etc. If your chat window requires your users to fill in a short form, add a checkbox. 

Be sure to add a notice, too, like “I have read the privacy policy” or “I agree to the terms of use”. Don’t forget to link to your policy!

Making your web chat service legal: final thoughts

Most established websites already have a privacy policy. But if you’ve just installed live chat for your business, you’ll want to update that policy to include what data you process through chat.

When you install ZyraTalk, you can rest easy knowing the legal stuff is already taken care of. You can make your chatbot legal in just a few clicks. Then, you’re free to start customizing and chatting away!

If you have any additional questions about our compliant chat software, just let us know!