tawk.totawk.to
· Data Protection

GDPR compliance.

We take the security of your data very seriously. Protecting our customers' information and their users' privacy is extremely important to us — and we're dedicated to helping you stay compliant with GDPR.

· Last updated April 9, 2025· 5 min read

What is GDPR?

The General Data Protection Regulation (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union, and the European Commission unify data protection for individuals within the EU. It creates consistent data protection rules across Europe and applies both to companies based in the EU and to global companies that process personal data of individuals in the EU. The regulation came into effect on 25 May 2018.

How does GDPR affect you?

If you process personal data of any person in the EU, GDPR applies to you regardless of whether you're based in the EU or not. Beyond strengthening and standardizing user data privacy across EU nations, it imposes new or additional obligations on all organizations that handle EU citizens' personal data, regardless of where the organizations themselves are located.

How tawk.to is compliant

These are the measures we have taken to ensure that tawk.to and our users meet GDPR requirements.

Policies updates

We updated our Privacy Policy, Terms of Service, and Cookie Policy to adhere to GDPR and to ensure we are transparent about what we do with your data and the data we allow you to gather from your users. If and when further changes are made, we will notify you about updates to our policies.

We have submitted our self-certification for the EU-U.S., UK-U.S., and Swiss-U.S. Data Privacy Frameworks designed to provide companies on both sides of the Atlantic with a mechanism to comply with data protection requirements when transferring personal data from the European Union, UK, and Switzerland to the United States. tawk.to is also registered with the Information Commissioner's Office (ICO) in the United Kingdom.

Tools to help you comply

As a data processor, we have released features and tools that help you respond to data requests from your users.

  • Ability for agents to delete contacts.
  • Export tickets and chats by agents for a visitor.
  • Property settings for disabling IP recording of visitor IP.
  • Data privacy consent form on the visitor widget.

Tools that help us comply

  • Automated agent account deletion.
  • Data export tool.

Sub-processors

We have entered into Data Processing Agreements (DPAs) with our vendors to ensure your data and your users' data is protected. The current list of sub-processors is published at tawk.to/data-protection/sub-processors/.

Data security

We take security seriously, and it has been our focus from day one. As part of our GDPR compliance work, we continue to review our security measures and responses on an ongoing basis to remain compliant.

· Need a DPA?

Send a request,we'll sign.

Need our Data Processing Addendum, sub-processor list, or a tailored DPA for your team? Email compliance@tawk.to.

Request a DPAPrivacy Policy
· EU-U.S. DPF certified· ICO registered (UK)· DPA on request