You have probably heard of GDPR and perhaps you are wondering what this will mean for your chatbot? Just like any other application within your business, your chatbot will have to be GDPR compliant. There are very different ways to go about GDPR, and also different rules for different businesses. It’s therefore up to you to make sure that the chatbot is compliant with the regulations.
Below you'll find some information about how we store conversation-specific data.
Data relating to a conversation between a bot and an end user is stored in two different locations; the end user's browser, and our database.
The data stored in the Local Storage of the end user's browser contains the following information:
BotId - The ID of the bot
UserId - The ID of the end user
AllMessages - Messages from the last active conversation
WebChat Widget state - The state of the Widget (open or closed)
To ensure that this data is deleted every time a new conversation is started, enable clear_past_conversations in the Widget script. The Local Storage data is also deleted every time a different bot is initialized in the same browser, and when the end user clears their cache. It's important to note that this data never goes anywhere else but the end user's computer, and that all the data is encrypted.
If you want to delete the conversation data for all end users that have used a given bot, we recommend using the Data Deletion function in Bot Settings. This will remove the data from our database.
If you want to know more about how we, at Certainly, handle data, please read our Data Processor Agreement.