Zopim API request for GDPR compliance - add consent and decline controls via API

Answered

3 Comments

  • Prakruti Hindia
    Comment actions Permalink

    Hi Richard,

    Thank you for writing in. We have a Cookie Policy which documents the type of information stored in the cookie. It can be used to inform your users and request for consent, if required.

    Zendesk Chat offers Javascript API to display a notice, consent form to new users before starting a chat. setDefaultImplicitConsent API can be used to disable the chat widget and not store cookie until visitor explicitly allows it.

    We do not provide a way to enable/disable cookies centrally using an API. The website can use the clearAll API to remove visitor information once the chat has ended or before beginning of chat to remove cookie-specific behavior. 

    GDPR goes deeper than storing information in a cookie. With cookies disabled, the user could share personal identifying information during the chat. We are looking at providing accounts with an ability to delete this information. We will keep our GDPR page updated with more information. 

    - Prakruti

     

     

    0
  • Richard Vencu
    Comment actions Permalink

    Hi,

    I tested a couple of days the new privacy settings and the number of chats dropped 10 fold.

    There is some mistake in implementation, as the chat button appears with the text: Chat Closed

    The visitor has no idea that he needs to click on that (what is the incentive when it states the chat is closed) then agree with the cookies. On desktop I am opening the chat window from API so the visitor can see (but this can be annoying if it is repeating every page) but on mobile that is now over 60% of the traffic is impossible to do it, or the visitor will become very confused.

    This consent is also killing any trigger initiated chats. The visitor might give me the consent for the whole site through the control panel (see https://ivory.dentfix.ro/ for sample) that IS compliant with GDPR since I am the data controller on my site. Zendesk acts as data processor only and our relationship is governed by EU-US Privacy Shield at the moment.

    Therefore my request to allow me to control the cookie consent for the chat module via API stands from a legal point of view and it also solves a big usability problem.

    I will disable the privacy module until May 25 or until you will provide this API interface. If this will not be provided I am afraid we will need to find other solution that will satisfy both GDPR requirements and usability requirements.

    0
  • Prakruti Hindia
    Comment actions Permalink

    Hi Richard,

    If there is already a prompt on the website/mobile web to ask for customer's consent, we could consider loading the chat once the customer has opted in. 

     
    We can also include an option to delete the cookies on the control panel. The cookie deletion can be triggered using clearAll API
     
    Trigger initiated chats require the visitor's consent to cookies. Since it is waiting for explicit consent, they did not fire. Conditionally loading the widget based on visitor's consent will support the trigger initiated chats too. 
     
    We would be interested to hear if this works for you. 
     
    - Prakruti
     
     
     
     
     
     
    0

Please sign in to leave a comment.

Powered by Zendesk