Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
HelpCrunch is a customer communication platform combining live chat, email automation, a help desk, and a knowledge base in one tool. It sets cookies and collects visitor data including IP addresses, session identifiers, and browsing behaviour from the moment the widget loads. Unlike many US-based competitors, HelpCrunch stores data on EU servers in Frankfurt by default, making it a more GDPR-friendly option for European businesses, though consent is still required before the widget initialises.
HelpCrunch is an all-in-one customer communication platform that combines live chat, email marketing automation, a multi-channel help desk, an AI-powered knowledge base, and a shared team inbox. It is designed as a privacy-conscious alternative to tools like Intercom, with a strong emphasis on GDPR compliance and EU data residency. HelpCrunch stores all customer data on servers located in Frankfurt, Germany by default, which eliminates the third-country transfer concerns associated with most US-based chat platforms. Despite this advantage, the widget still collects personal data and sets cookies, requiring prior consent under the ePrivacy Directive.
HelpCrunch sets a persistent cookie to identify returning visitors and link chat sessions across page views. It also uses localStorage for widget state and conversation context. The platform collects IP addresses, browser type, operating system, pages visited, time on page, referrer URLs, and the full content of all chat conversations. If users are identified (via email capture or login), HelpCrunch links all behavioural data to a named contact record, expanding the personal data footprint significantly.
Although HelpCrunch stores data in the EU, the ePrivacy Directive still requires consent before setting cookies or accessing localStorage on a visitor's device. The widget loads automatically on page entry and initiates data collection before any user interaction, triggering the need for prior consent. Under GDPR, the processing of IP addresses and behavioural browsing data requires a lawful basis. HelpCrunch's EU data residency means no Article 46 transfer mechanism is needed for the core data storage, which simplifies compliance compared to US-hosted alternatives.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Consent must be collected before the HelpCrunch script loads. The widget must be blocked by your consent management platform until a valid consent is recorded. The consent notice should explain that HelpCrunch is used for live chat and customer messaging and that cookies and browsing data are collected. The EU data storage location can be highlighted as a positive differentiator in the consent notice. Users who decline must be able to use the website without the chat widget, and an alternative contact method should be available.
HelpCrunch stores customer data in Frankfurt, Germany, making it one of the few live chat platforms to offer genuine EU data residency as standard, without requiring an enterprise plan upgrade. This eliminates the primary GDPR transfer risk associated with US-based chat tools. Organisations should still review HelpCrunch's sub-processor list to identify any US-based services used for infrastructure, email delivery, or analytics, and ensure these are covered by appropriate transfer mechanisms in the DPA.
To deploy HelpCrunch compliantly: block the widget until consent is obtained via your CMP; categorise HelpCrunch cookies under functional or customer support; update your privacy policy to name HelpCrunch as a data processor with its Frankfurt data centre location; sign a Data Processing Agreement with HelpCrunch; review the sub-processor list in the DPA for any US dependencies; update your cookie policy with the specific HelpCrunch cookies set; and document the processing activity in your Records of Processing Activities, noting the EU data residency as the applicable safeguard.
Websites using HelpCrunch must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is advisable when HelpCrunch is used to handle large volumes of customer conversations that may include sensitive personal data, or when it is integrated with CRM systems that extend the processing scope. The EU data residency reduces transfer risk, but the full sub-processor list should be reviewed to identify any US-based dependencies.
Sample consent text
We use HelpCrunch to provide live chat support and customer messaging on this website. HelpCrunch sets cookies and collects data such as your IP address, browser information, and conversation history. Your data is stored on EU servers in Germany. Please accept to enable the chat and messaging features.
Third-party domains contacted
helpcrunch.comwidget.helpcrunch.comapi.helpcrunch.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| hc_uid | persistent | 1 year | Unique visitor identifier used to recognise returning users and link chat sessions across pages |
| hc_session | session | Session | Session token used to maintain the active chat conversation state during the current browsing session |
HelpCrunch uses cookies for user preferences — inform visitors with a consent banner.
HelpCrunch sets a persistent first-party cookie to identify returning visitors and link chat sessions across pages and visits. It also writes data to localStorage to maintain widget state and conversation context. These are not strictly necessary cookies and require prior consent under the ePrivacy Directive before the widget is allowed to load. The specific cookie name and duration depend on the widget version deployed.
Yes. Even though HelpCrunch stores data in the EU, the ePrivacy Directive still requires consent before cookies are set or localStorage is accessed. The widget loads on page entry and begins collecting data before any user interaction, so consent must be obtained via a CMP before the script initialises. The EU data residency does not remove the ePrivacy consent requirement.
Consent under Article 6(1)(a) GDPR is the appropriate legal basis for HelpCrunch tracking and visitor identification cookies. Legitimate interest under Article 6(1)(f) may apply for maintaining an active chat session explicitly started by the user, but this requires a documented balancing test and cannot substitute for consent when it comes to setting non-essential cookies on the user's device.
By default, no. HelpCrunch stores all customer data on servers in Frankfurt, Germany, making it one of the few live chat platforms with EU data residency as standard. This eliminates the main GDPR transfer risk. However, organisations should review HelpCrunch's current sub-processor list, as some infrastructure components (email delivery, monitoring) may involve US-based vendors covered by SCCs in the DPA.
A DPIA is advisable when HelpCrunch is used to handle large volumes of support conversations likely to contain sensitive personal data, or when it is integrated with CRM or marketing systems that extend the data processing scope. The EU data residency reduces the overall risk profile compared to US-hosted chat tools, but the processing of conversation content, browsing behaviour, and potential identity linking still warrants a risk assessment for high-volume deployments.
Block the HelpCrunch widget script until consent is obtained via your CMP. Categorise it under functional or customer support cookies. Update your privacy policy to name HelpCrunch as a processor based in Frankfurt, Germany. Sign a Data Processing Agreement with HelpCrunch. Review the sub-processor list in the DPA. Add the HelpCrunch cookies to your cookie policy with their name, type, duration, and purpose. Document the processing activity in your Records of Processing Activities.
HelpCrunch itself is one of the more privacy-friendly live chat options due to its EU data residency. For full data sovereignty, self-hosted solutions such as Rocket.Chat or Chatwoot let you keep all data on your own EU infrastructure. Crisp is another GDPR-focused alternative. For organisations that only need basic support ticket management without real-time chat, a simple GDPR-compliant contact form or EU-hosted help desk like Freshdesk with EU data residency may suffice.
Add an entry for HelpCrunch in your cookie policy table listing the cookie name, its category (functional), duration, and purpose (visitor identification and chat session continuity). Note the EU data storage location (Frankfurt, Germany) as this is a relevant disclosure for users. Reference HelpCrunch as a third-party processor, and link to their privacy policy. If any sub-processors are US-based, disclose those transfers and their applicable safeguard.