GDPR Compliance
LiveBotIQ is fully committed to the General Data Protection Regulation and ensuring the rights of EU data subjects — here’s how we protect your data.
Last updated: February 1, 2026 · ~7 min read
Our Commitment to GDPR
The General Data Protection Regulation (GDPR) is the EU’s comprehensive data protection law that gives individuals greater control over their personal data. LiveBotIQ is fully GDPR-compliant and has implemented robust measures to protect your data.
Data Minimization
We only collect what's necessary
Purpose Limitation
Data used only for stated purposes
Storage Limitation
Retained only as long as needed
Data Processing Overview
ALawful Basis for Processing
Contractual Necessity
Art. 6(1)(b)To deliver the Services you have subscribed to.
Legitimate Interest
Art. 6(1)(f)To improve our Services, prevent fraud, and ensure security.
Consent
Art. 6(1)(a)For marketing communications and non-essential cookies.
Legal Obligation
Art. 6(1)(c)To comply with applicable laws and regulations.
BData Categories We Process
Your Rights Under GDPR
As an EU/EEA data subject, you have the following rights:
Right of Access
Request a copy of all personal data we hold about you. We respond within 30 days.
Right to Portability
Receive your data in a structured, machine-readable format for transfer.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Restriction
Limit processing of your personal data under certain circumstances.
Right to Object
Object to processing for direct marketing or legitimate interest.
Right to Rectification
Request correction of inaccurate or incomplete personal data.
To exercise any right, email gdpr@livebotiq.com. We acknowledge within 72 hours and fulfill within 30 days.
Data Controller vs. Data Processor
As Data Controller
LiveBotIQ is the data controller for personal data collected directly from you — your account information, billing data, and marketing preferences.
As Data Processor
When you use LiveBotIQ to manage customer conversations, we act as data processor on your behalf. You (our customer) are the controller for your end-users’ data.
Data Processing Agreement
We offer a pre-signed DPA covering GDPR requirements for all customers handling EU personal data. The DPA includes:
Contact legal@livebotiq.com to request a copy of our DPA.
International Data Transfers
When transferring personal data outside the EU/EEA, we rely on:
Standard Contractual Clauses
EU-approved contractual safeguards for data transfers
Adequacy Decisions
Transfers to countries with adequate data protection levels
Supplementary Measures
Additional technical safeguards including encryption and access controls
Data Breach Notification
In the event of a personal data breach, LiveBotIQ follows a structured response process:
Detection
Internal monitoring and automated alerts identify the breach
ImmediateAssessment
Security team evaluates nature, scope, and data affected
< 24 hoursNotification
Affected customers notified with details and remediation steps
< 72 hoursResolution
Full remediation, post-incident review, and breach register update
OngoingSub-Processors
We use the following sub-processors to deliver our Services:
| Provider | Purpose |
|---|---|
| AWS | Cloud hosting & infrastructure |
| Stripe | Payment processing |
| OpenAI | AI model inference (BotIQ) |
| SendGrid | Transactional email delivery |
| Mixpanel | Product analytics |
Data Protection Officer
For GDPR-related inquiries or to reach our Data Protection Officer:
DPO Email
dpo@livebotiq.comAddress
LiveBotIQ (Laabam One Business Solutions Pvt. Ltd.), DPO, 285 A, Anna Nagar East Cross Street, Madurai - 625020, Tamil Nadu, India