This article explains how Smartsupp handles data privacy and GDPR compliance — including when you need customer consent and which cookies Smartsupp sets on your visitors' browsers.
We've broken the article into a few sections:
Does Smartsupp comply with the GDPR?
Yes, Smartsupp is GDPR compliant. Here's what that means in practice:
Data storage: Our data is stored primarily within the EU. Some data is also stored in the US and other countries, where we ensure that our processors maintain a similar level of data security as in the EU.
Sub-processors: Our sub-processors (e.g. server hosting) are carefully selected with regard to their guarantees of security and data protection.
Sensitive data: By default, Smartsupp turns off the storage of IP addresses and some other sensitive data when you create your account. You can change this anytime in Settings → Security and privacy.
Visitor notification: We show visitors to your website a message that personal data is being processed using the chat box — helping you fulfill your information obligation.
DPA: We have a Personal Data Processing Agreement with all our customers, describing what data is processed exactly and how and where it is stored.
Do I need approval from my customers when I use Smartsupp?
Smartsupp uses cookies, so it depends on how you use Smartsupp:
✅ No consent needed — basic chatbot only
You use Smartsupp for live chat and basic chatbot, without smart analytics or marketing features. Data is processed based on your legitimate interest to answer a customer's query and provide customer support.
⚠️ Consent required — smart analytics or marketing features enabled
You use smart analytics or marketing features (e.g. visit tracking, targeted automated messages). We recommend using a cookie consent bar where the visitor gives explicit consent to analytical and/or marketing cookies (e.g. Allow All).
How do I edit my processes if I use Smartsupp?
Privacy Policy
Update your Privacy Policy to include the following:
Add Smartsupp.com, s.r.o., ID No.: 036 68 681, with registered office at Šumavská 31, 602 00 Brno to the list of processors.
Include the statement: "We have a legitimate interest to provide customer support, which involves the processing of cookies or other data you enter into the chat box. Personal data in the chat box is processed automatically. Advanced features are only enabled if you have explicitly consented to them using analytics and/or marketing cookies."
Check that the following personal data Smartsupp may process is covered in your scope of processing:
Contact details: name, surname, email address, phone number, or contact details of a social network account
Website visit details: URL of pages visited, date and time of visit, technical information (screen resolution, device type, browser type, operating system, etc.), IP address, geolocation data (country and city)
Cookies and Local Storage
When using the service, new cookies are set and data is stored in Local Storage. Make sure to:
Include Smartsupp cookies in your cookie overview
Categorise them correctly (functional vs. marketing)
Cookies & Local Storage overview
Below is a complete overview of all cookies and Local Storage entries that Smartsupp sets on your visitors' browsers.
Functional cookies
Name | Description | Storage |
ssupp.vid | Identifies visitors to your website. We use this to pair a visitor with a conversation when the page is reloaded, so the ongoing conversation does not disappear and visitors can continue where they left off. This cookie also allows us to display the source, browser information, and number of visits in the visitor information in the Dashboard. | 6 months |
Functional Local Storage
Name | Description | Storage |
_ss.enableSounds | Stores the user's preference for whether the chat window should play sounds. | Persistent (until the application or user deletes it) |
ssupp_<CHAT_KEY> | Stores data relating to visitor and user preferences. The message (automatic) is activated when a visitor sends a message. | Persistent (until the application or user deletes it) |
ssupp_<CHAT_KEY>vid | Works the same way as the ssupp.vid cookie. | Persistent (until the application or user deletes it) |
ssupp_<CHAT_KEY>message | Saves the message the user has begun writing so that when the user reloads the page, the message is preserved and does not disappear. | Persistent (until the application or user deletes it) |
ssupp_<CHAT_KEY>opened | Stores the chat open/closed value so that when the user reloads the page, the chat box returns to its previous state. | Persistent (until the application or user deletes it) |
ssupp_<CHAT_KEY>_cards | Stores data about product cards displayed in the widget. Necessary for performance. | Persistent (until the application or user deletes it) |
Marketing cookies
Name | Description | Storage |
ssupp.visits | Stores the number of previous visits of the visitor. Based on this, we can target automated messages and chatbots more accurately. | 6 months |
Marketing Local Storage
Name | Description | Storage |
ssupp_<CHAT_KEY> | Stores data relating to visitor and user preferences. | Persistent (until the application or user deletes it) |
ssupp_<CHAT_KEY>visits | Like the ssupp.visits cookie. This is marketing information that should not be allowed if the visitor does not consent to marketing cookies. | Persistent (until the application or user deletes it) |
What's next?
Contact collection by chatbot (GDPR) — Learn how to collect visitor contacts while staying GDPR compliant.
Cookie consent — Set up a cookie consent bar on your website.
DPA (Data Processing Terms) — Read the full Data Processing Agreement between you and Smartsupp.
Privacy Policy — Smartsupp's full privacy policy.
💡 Need more help? Contact our support team via the chat box — we're happy to answer any questions about GDPR or data privacy.
