GDPR Compliance & LiveCall

LiveCall fully complies with EU General Data Protection Regulation (GDPR). At LiveCall, we strive to meet the highest privacy and security standards in the industry.

How LiveCall prepared for GDPR

The LiveCall team worked over many months to prepare for GDPR and ensure we meets its obligations and maintain transparency how we use data.

The steps LiveCall took:

  • Performed an audit and defined necessary changes to data processing
  • Appointed a Data Protection Offer
  • Implemented product changes to increase personal data security (listed below)
  • Introduced changes to the product to facilitate Data Subjects’ rights (listed below)
  • Signed data processing agreements with providers (subprocessors)
  • Reviewed and updated our Terms of Service and Privacy Policy
  • Created backup processes to restore data
  • Put in place procedures for risk analyses
  • Provided GDPR compliance training for the entire LiveCall staff
  • Prepared a data processing agreement for our customers

Product changes for GDPR compliance and privacy by design

The LiveCall product team implemented features to ensure GDPR compliance and meet stringent privacy requirements demanded by our customers.

Features in the LiveCall widget:

  • Collecting user consent via checkbox in the widget,
  • Text fields to facilitate the information obligation to the user (data controller).

Features in the LiveCall panel and backend:

  • Encryption of call recording files,
  • Enabled permanent deleting of call recording files,
  • Clearing lead history after a specified period,
  • Telephone numbers of leads can be hidden from users with non-admin access.

With LiveCall, customers can also switch off call recordings entirely to meet their internal requirements.

Our providers (subprocessors)

LiveCall uses providers that explicitly comply with GDPR. Most providers are located in Europe and
LiveCall has a Data Protection Agreement signed with them. Any USA-based providers are entrusted with data in compliance with Decision 2010/87/UE on standard contractual clauses.

Scope of Personal Data collected

Each LiveCall customer decides how much personal data the LiveCall widget should collect. Data collected by the LiveCall widget is given to LiveCall for processing as a Data Processor. The LiveCall customer remains the Data Controller.

In order to use LiveCall services, it is necessary to process leads’:

  • Phone numbers
  • IP addresses

Optionally, LiveCall customers may choose to:

  • Create and store call recordings with LiveCall,
  • Use the LiveCall widget to collect names, email address and other user input defined by the LiveCall customer.

LiveCall is a Data Controller for personal data such as:

  • Users’ emails,
  • Users’ phone numbers,
  • Payment details.

This data is required to use LiveCall’s services.

How to use LiveCall to comply with GDPR

If you process personal data of EU citizens, or your company is based in the EU, you should implement certain features when using LiveCall:

  1. Add an information notice in your widget pop-up about data processing. If you record calls, you should mention it in this notice. You may also add a link to your privacy policy here.
  2. If you plan to use personal data for other marketing activities, include an optional checkbox to get consent. You can find information about consent given in your LiveCall call reports.
  3. Protect your data created with LiveCall. Make sure to keep data in secure locations and databases. Before sending data via email or communications channels that are not entirely secure, make sure to encrypt any call reports that contain leads’ data.

If you have any questions concerning personal data processing, please send a message to

hello@livecall.io .

For more details on data processing, please read section 7 of the Terms of Service.