Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Qualva is a Japanese AI chatbot service developed by JECC/Fourmix that replaces traditional web forms with a conversational interface to improve conversion rates. The chatbot collects user input data, tracks visitor behaviour, and uses session cookies for conversation persistence. As a Japanese service, personal data is transferred to Japan, which benefits from an EU adequacy decision under GDPR. Consent is required for the chatbot widget's tracking cookies and analytics features.
Qualva is an AI-powered chatbot service developed by JECC/Fourmix in Japan. It replaces traditional web forms with a conversational interface designed to improve conversion rates (CVR). The chatbot can be installed at key conversion points such as document requests, reservations, and purchases. Qualva supports multiple languages, AI voice recognition, and features that restore previously entered information when users return to the browser after closing it. It is primarily used in e-commerce and lead generation contexts.
Qualva sets session cookies to maintain the conversation state and identify returning visitors. The chatbot collects personal data entered by users during conversations, including names, email addresses, phone numbers, and any other form fields configured by the website operator. Qualva also tracks visitor behaviour on the page (interaction patterns, session duration, abandonment points) for analytics and conversion optimisation. A session restoration feature uses persistent storage to remember user inputs across browser sessions.
Qualva processes personal data through its conversational interface, making it subject to GDPR when used on websites targeting EU visitors. The chatbot''s session cookies and visitor tracking require consent under the ePrivacy Directive (Art. 5(3)), as they go beyond what is strictly necessary for a service requested by the user. The AI and NLP features that analyse user inputs constitute automated processing of personal data under GDPR. Website operators using Qualva must ensure they have a valid Data Processing Agreement in place and that their privacy policy discloses the chatbot''s data processing activities.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Qualva is operated from Japan, meaning personal data collected through the chatbot is transferred to and processed in Japan. The European Commission has granted Japan an adequacy decision under GDPR Art. 45, recognising that Japan provides an adequate level of data protection. This means no Standard Contractual Clauses (SCCs) or other transfer mechanisms are required for Qualva data transfers. However, website operators should still mention the transfer to Japan in their privacy policy for transparency.
Consent is required before loading the Qualva chatbot widget if it sets non-essential cookies or tracks visitor behaviour. The chatbot should only be activated after the user has given consent through your cookie management platform. If Qualva is used purely as a customer-initiated support tool with only strictly necessary session cookies, legitimate interest may apply, but this should be carefully assessed with your DPO. All analytics and conversion tracking features require prior consent.
Configure your CMP to block Qualva scripts until consent is obtained. List all Qualva cookies in your cookie policy with their purposes and durations. Ensure your privacy policy mentions the data transfer to Japan and the EU adequacy decision. Request a DPA from Qualva/JECC if processing EU personal data. Implement data minimisation by only collecting necessary fields through the chatbot. Provide clear information to users about how their conversation data will be used before they begin interacting with the chatbot.
Websites using Qualva must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA may be recommended for Qualva deployments processing large volumes of personal data through the chatbot, particularly if AI features analyse user behaviour or if sensitive data (health, financial) is collected through the conversational interface.
Sample consent text
We use Qualva to provide an interactive chatbot on this website. Qualva collects information you provide during the conversation and uses cookies to maintain your chat session. Data is processed in Japan under an EU adequacy decision. You can close the chatbot to decline non-essential cookies.
Third-party domains contacted
qualva.comchat.qualva.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| qualva_session | session | Session | Maintains the chatbot conversation state and tracks the current interaction |
| qualva_visitor | persistent | 1 year | Identifies returning visitors and restores previously entered form data across browser sessions |
Qualva collects user analytics data — you legally need a consent banner. Try FlowConsent free.
Yes. Qualva sets session cookies to maintain the conversation state and identify returning visitors. It also uses persistent storage to restore previously entered information across browser sessions.
Yes. Consent is required for Qualva's tracking cookies and analytics features under the ePrivacy Directive. If used purely for customer-initiated support with only essential session cookies, legitimate interest may apply, but this requires careful assessment.
Consent (Art. 6(1)(a) GDPR) for tracking cookies and analytics. Legitimate interest (Art. 6(1)(f)) may apply for essential session cookies. Contract performance (Art. 6(1)(b)) may apply for data collected through the chatbot to fulfil a specific request.
Yes, data is transferred to Japan where Qualva is operated. Japan benefits from an EU adequacy decision under GDPR Art. 45, so no Standard Contractual Clauses are required. Mention the transfer in your privacy policy for transparency.
A DPIA is recommended if the chatbot processes large volumes of personal data, collects sensitive information, or uses AI features for automated profiling. Standard deployments with basic form replacement may not require one.
Block Qualva scripts until consent is obtained via your CMP. List all cookies in your cookie policy. Mention the Japan data transfer in your privacy policy. Request a DPA from Qualva. Minimise data collection to only required fields.
EU-based chatbot alternatives include Crisp (France), Userlike (Germany), and Tidio (EU hosting available). These offer similar conversational form features with EU data residency, simplifying GDPR compliance.
List all Qualva cookies with their names, types (session or persistent), durations, and purposes. Categorise them under "Functional" or "Analytics" depending on their role. Include Qualva in your list of third-party processors with a link to their privacy policy.