GDPR Compliance

Social Intents supports EU General Data Protection Regulation (GDPR) compliance. This page covers how consent is collected, how data is processed, and how data subject rights are handled.

Consent Collection

You can require explicit consent from visitors before they start a chat conversation.

The visitor's consent status (accepted or not) is:

• Visible to agents during the live chat
• Stored with the chat record
• Included in CSV exports as a "Consent" column
• Available via the REST API in the visitorConsent field

Data Processing

Social Intents processes visitor data only for the purpose of providing the chat service:

• Data is not sold or rented to third parties
• Data is not shared beyond what is necessary to fulfill the service (e.g., delivering messages to your connected platform)
• Data Processing Agreements (DPAs) are available for enterprise customers

Data Subject Rights

Under GDPR, individuals have the right to:

• Access - Request a copy of their personal data
• Rectification - Request correction of inaccurate data
• Erasure - Request deletion of their data
• Object - Object to processing of their data

To fulfill these requests, you can:

• Use the Chat History page to search for chats by email or visitor ID and export or delete them
• Use the REST API to search for and manage chat records programmatically
• Contact Social Intents support at info@socialintents.com for assistance with data subject requests

Account and Data Deletion

When an account is deleted, all associated data is removed in a complete cascade: leads, chat transcripts, agents, widgets, AI training data (including vector embeddings), stored files, and the account record itself. See Data Retention and Deletion.

Shopify GDPR

For Shopify app installations, Social Intents supports the mandatory Shopify GDPR webhooks for customer data requests, customer data erasure, and shop data erasure.