Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Gorgias is a US French customer support helpdesk built for ecommerce that unifies email, live chat, social media DMs and voice into a single inbox. It integrates natively with Shopify, BigCommerce, Magento and WooCommerce. The Gorgias Chat widget sets first party cookies on the storefront for conversation continuity.
Gorgias is a customer support helpdesk co founded in Paris and now headquartered in San Francisco. Built for ecommerce merchants, it unifies email, live chat, Instagram, Facebook, WhatsApp, SMS and voice into a single agent inbox with deep Shopify, BigCommerce, Magento and WooCommerce integrations. European DTC brands use Gorgias to centralise customer service across channels and to automate replies with AI macros.
The Gorgias Chat JavaScript widget sets the gorgias_voucher_uuid first party cookie under the storefront domain, plus a gorgias_chat_user cookie that links the visitor to an ongoing conversation. It also stores conversation history in localStorage. The widget loads scripts from config.gorgias.chat and assets from gorgias.chat.
Gorgias acts as a processor for the customer support data the merchant uploads (tickets, customer profile, conversation history). The merchant is the controller and must sign the Gorgias DPA. The chat widget cookies require ePrivacy consent because they are set proactively before the visitor initiates a conversation. The inbox processing relies on contract for the customer relationship and legitimate interest for fraud prevention.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Prior, freely given, specific, informed and unambiguous consent under Article 5(3) ePrivacy is required before the Gorgias Chat widget is initialised. A consent management platform should withhold the gorgias.chat script tag until the visitor accepts the functional or strictly necessary category, depending on whether chat is presented as a comfort feature or as the primary contact channel.
Gorgias Inc. is established in the United States. Customer data is processed on Google Cloud Platform US regions by default, with an EU shoppers data option (Belgium region) available for European merchants. Gorgias self certifies under the EU US Data Privacy Framework. Standard Contractual Clauses are included in the Gorgias DPA.
Sign the Gorgias DPA, activate EU shoppers data residency for European customers, gate the Gorgias Chat widget behind a consent management platform, list the chat cookies in the cookie policy, document the US transfer under the EU US Data Privacy Framework, and configure ticket retention periods aligned with your customer service SLAs (12 to 24 months is common).
Websites using Gorgias must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is recommended when Gorgias is used for high volume ecommerce inboxes, when AI auto reply features are activated (which involve automated decision making under Article 22 GDPR), or when sensitive customer data flows through chat (health, payment disputes).
Sample consent text
Our online shop uses Gorgias to power live chat and customer support. When you open the chat widget or after you accept the functional cookies category, Gorgias sets cookies on your browser to keep your conversation state. Without consent, you can still contact us by email through the contact form.
Third-party domains contacted
config.gorgias.chatgorgias.chatapi.gorgias.iogorgias.iogorgias.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| gorgias_voucher_uuid | first_party | 1 year | Gorgias Chat first party visitor identifier set under the storefront domain. Used to keep the visitor associated with chat conversations and to attribute conversion events back to Gorgias. |
| gorgias_chat_user | first_party | 1 year | Links the visitor to an ongoing chat conversation in the Gorgias inbox. Allows resumption of the conversation across pages and devices. |
| gorgias_chat_state (localStorage) | first_party | Persistent | Conversation history and widget state stored in browser localStorage on the storefront domain. |
Gorgias uses cookies for user preferences — inform visitors with a consent banner.
The widget sets gorgias_voucher_uuid (first party visitor identifier) and gorgias_chat_user (linked to an ongoing conversation). It also stores conversation history in browser localStorage on the storefront domain.
Yes. The chat widget cookies are dropped proactively, before any visitor interaction. Prior, freely given, specific, informed and unambiguous consent under Article 5(3) ePrivacy is required. A consent management platform must hold back the script until consent is granted.
The Chat widget cookies rely on Article 6(1)(a) GDPR consent. The Gorgias inbox processing relies on Article 6(1)(b) GDPR (contract) for the merchant customer relationship and Article 6(1)(f) GDPR (legitimate interest) for fraud prevention and service operations.
Yes by default. Gorgias Inc. is established in the US and processes data on Google Cloud Platform US regions. European merchants can activate the EU shoppers data option (Belgium). Gorgias self certifies under the EU US Data Privacy Framework. Standard Contractual Clauses are included in the Gorgias DPA.
A DPIA is recommended for high volume ecommerce inboxes, when AI auto reply features (which involve automated decision making under Article 22 GDPR) are activated, or when sensitive customer data flows through chat such as health complaints or payment disputes.
Sign the Gorgias DPA, activate EU shoppers data residency, gate the Chat widget behind a consent management platform, list the chat cookies in the cookie policy, document the US transfer, set ticket retention periods aligned with your SLAs and remove the chat script from pages where consent has not been collected yet.
EU based helpdesk alternatives include Crisp (France), Userlike (Germany), Tidio (Poland), HelpCrunch (Ukraine and EU regions), Freshdesk (with EU hosting) and self hosted alternatives such as Chatwoot, ChatGPT plugin based stacks and FreeScout.
Add a dedicated chat or customer support category disclosing gorgias_voucher_uuid and gorgias_chat_user with name, domain, duration and purpose. Disclose the US transfer and EU shoppers data residency, link to the Gorgias privacy notice and provide a way to clear the chat history (logout button or localStorage purge).