Chatlio

Description Features Permissions Security & Compliance

Chatlio is the first and best app to let you talk to your website visitors and users directly from Slack. Setup takes less than 1 minute and provides you with a chat widget to put anywhere you want on your site. Visitors to your site then can instantly chat with you about pre-sales questions, support issues, etc. while you and your team respond directly from Slack without any additional tools to install or use. There are many other features, like automatically trigger messages to visitors based on the page(s) they are on.Chatlio provides the same great experience you already know from Slack. Features include typing indicators, emojis, code block highlighting, requesting screenshots, identifying your visitors location, browser, and any other custom details about your visitors you provide like email, name, etc. and many, many more.

Permissions

Chatlio will be able to view:

Chatlio will be able to do:

Review the details to better understand this app’s security practices. To learn more about assessing apps for your workspace visit our Help Center.

General

Privacy & data governance

Data retention policy

Chatlio will retain personal information for as long as necessary to provide the products and fulfill the transactions you have requested, or for other essential purposes such as complying with our legal obligations, resolving disputes, and enforcing our agreements. Because these needs can vary for different data types, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, to meet our legal compliance obligations, we maintain minimal account information for 7 years. This includes the email of the user who signed up for Chatlio, and the billing information including invoices at our payment processor. For all other data we delete as soon as practicable. For example, we purge all web access logs in no more than 90 days, including records of visitors who did not start a chat conversation.

Data archiving and removal policy

If the processing of personal information about you is subject to European Union data protection law, you can request access to, and rectification or erasure of, personal information. To make such requests, contact us at privacy@chatlio.com or review https://chatlio.com/legal/eu-privacy-summary/ for more details on contact options. When we are processing data on behalf of another party that is the “data controller,” you should direct your request to that party. If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act (“CCPA”), you have a right to request deletion of the personal information we have collected about you. To delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law. To make requests, please contact us at privacy@chatlio.com or by using the contact information provided at the bottom of the policy: https://chatlio.com/legal/privacy-policy/ When we are processing visitor’s data as a service provider to a business that is a Chatlio customer, you should direct your request to that business. You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.

Data storage policy

The personal information we collect may be stored and processed in your country or region, or in any other country where we or our affiliates, subsidiaries, or service providers maintain facilities. Currently, we primarily use data centers in the United States of America. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the data in the event of an outage or other problem. We take steps designed to ensure that the data we collect under this statement is processed according to the provisions of this statement and applicable law wherever the data is located. We transfer personal information from the European Economic Area and Switzerland to other countries, some of which have not been determined by the European Commission to have an adequate level of data protection. When we do so, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections. To learn more about the European Commission’s decisions on the adequacy of personal information protections, please visit: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en. We also participate in the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks. Although the EU-U.S. Privacy Shield has been ruled invalid as a legal basis for data transfers to the U.S., we continue to comply with the Privacy Shield Principles with respect to personal information transferred from the EEA, UK, and Switzerland to the United States. Our controlled U.S. subsidiaries, as identified in our self-certification submission, also adhere to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit www.privacyshield.gov. We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission. If third-party agents process personal data on our behalf in a manner inconsistent with the Privacy Shield Principles, we remain liable unless we prove we are not responsible for the event giving rise to any damages. If you have a question or complaint related to our complaince with the Privacy Shield Principles, please contact us as indicated at the bottom of this privacy statement. For any complaints related to the Privacy Shield that cannot be resolved with us directly, you may refer the unresolved matter to an independent dispute resolution mechanism, the BBB EU PRIVACY SHIELD, operated by the BBB National Programs, at https://bbbprograms.org/privacy-shield-complaints/. The services of BBB National Programs are provided at no cost to you. Finally, as a last resort and under limited circumstances, a binding arbitration option is available to address certain residual complaints under the Privacy Shield not resolved by other means. We take reasonable and appropriate steps to help protect personal information from unauthorized access, use, disclosure, alteration, and destruction. All traffic and data is encrypted in transit and we leverage Amazon AWS for hosting Chatlio infrastructure. Access to internal systems are tightly controlled and only those people that require access are given access. Services only expose the ports that are necessary. We monitor logs for abuse and misuse. All backups are encrypted and purged after a short amount of time.

Data center location(s)

United States

Data hosting details

We run Chatlio in AWS in United States regions. Our data is stored in an AWS RDS postgres database.

Data hosting company

AWS

App/service has sub-processors

yes

Guidelines for sub-processors

https://chatlio.com/legal/chatlio-subprocessors/

Certifications & compliance

Security