Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
iClose is a live chat and sales conversation tool that lets businesses talk to website visitors in real time and assist them through to checkout. It sets identification and session cookies and, when proactive triggers or analytics are enabled, builds visitor profiles that require prior consent under GDPR and the ePrivacy Directive.
iClose is a customer support and sales conversation platform that adds a live chat widget to a website and lets agents converse with visitors in real time. The widget loads via a JavaScript snippet, opens a WebSocket or long polling channel to the iClose backend and stores a small amount of state on the device so that the conversation can survive page reloads.
Beyond the chat itself, iClose typically offers proactive triggers (open the widget after X seconds, on cart abandonment, on a particular URL), canned answers, basic visitor tracking and integrations with CRM or email platforms.
iClose sets first party cookies such as iclose_session and iclose_visitor, and may use local storage to keep the conversation context. Data collected includes the visitor identifier, IP address, user agent, page URL, message content, files attached to the conversation and, for logged in users, the email address provided to the agent.
For a strictly user initiated chat session, Art. 6(1)(f) GDPR (legitimate interest in offering customer service) can be combined with the ePrivacy exemption for strictly necessary cookies. Any analytics, persistent visitor profile, proactive trigger or marketing prompt requires Art. 6(1)(a) GDPR consent and prior opt in under Art. 5(3) of the ePrivacy Directive.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
iClose may host data in the European Union or in the United States, depending on the plan and the underlying cloud provider. EU operators must check the production region, sign a Data Processing Agreement, document the transfer mechanism (Standard Contractual Clauses, EU US Data Privacy Framework certification) and apply supplementary measures such as TLS in transit and encryption at rest for stored transcripts.
Load the iClose widget by default but disable proactive triggers and persistent identifiers until consent is given, integrate the widget with your Consent Management Platform, configure retention for chat transcripts, train agents not to ask for sensitive data, sign a DPA with the vendor and disclose iClose in your privacy and cookie policies as a processor.
Websites using iClose must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is recommended when iClose is deployed at scale, integrates with a CRM, transcribes calls or stores message history, because the tool collects free text inputs that may include sensitive data, identifies returning visitors and supports proactive triggers. The DPIA should evaluate retention of chat transcripts, access controls for agents, the impact of any AI assistant, the geographic location of the iClose backend and the risk of inadvertent disclosure of special category data by visitors typing into the widget.
Sample consent text
We use iClose to provide a live chat with our team. A small widget is loaded on the page and a cookie is stored on your device to keep your conversation open if you navigate. If you accept analytics cookies, iClose can also recognise you across sessions and trigger proactive messages. You can refuse these non essential features and still use the chat.
Third-party domains contacted
iclose.iowidget.iclose.ioapi.iclose.iows.iclose.iocdn.iclose.ioCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| iclose_session | session | Session | Identifies the current iClose chat session and links messages to the visitor for the duration of the browser session. |
| iclose_visitor | first_party | 1 year | Persistent visitor identifier used by iClose to recognise the same browser across visits and resume conversations. |
| iclose_chat_open | first_party | 7 days | Stores whether the iClose chat panel was last left open or closed so the UI state can be restored. |
| iclose_conversation | local_storage | Persistent | Local storage entry that caches the open conversation transcript and queued messages between page reloads. |
| iclose_uid | first_party | 1 year | Hashed visitor identifier used for analytics and routing within iClose when analytics features are enabled. |
iClose uses cookies for user preferences — inform visitors with a consent banner.
iClose mainly sets first party cookies such as iclose_session and iclose_visitor, plus local storage entries that hold the current conversation context. These cookies identify the chat session and, when persistence is enabled, recognise the same visitor across pages and visits.
Strictly user initiated chat with only essential cookies can rely on the ePrivacy exemption and legitimate interest. As soon as iClose enables persistent visitor identifiers, proactive triggers or analytics, prior consent is required under Art. 5(3) ePrivacy and Art. 6(1)(a) GDPR.
Legitimate interest under Art. 6(1)(f) GDPR usually supports the live chat itself when the user explicitly initiates it. Contract performance under Art. 6(1)(b) applies for existing customers. Consent under Art. 6(1)(a) is needed for analytics, profiling and proactive triggers.
It depends on the iClose plan and the cloud provider. Production data may reside in the EU or in the US. EU operators must check the region, sign a DPA, document Standard Contractual Clauses and, where applicable, the EU US Data Privacy Framework certification.
A DPIA is recommended at scale or when iClose is integrated with a CRM, used for sales conversations involving free text inputs, or processes transcripts of conversations that could contain sensitive data such as health or financial information.
Disable proactive triggers and persistent identifiers until consent is given, connect iClose to your Consent Management Platform, set a clear retention policy for transcripts, train agents to avoid sensitive questions, sign a DPA and declare iClose as a processor in your privacy and cookie policies.
Yes. Crisp (France), Tawk.to with EU regions, Smartsupp (Czech Republic), Userlike (Germany) and LiveChat (Poland) are credible live chat alternatives, several of them hosted in the European Union which simplifies GDPR compliance.
List iclose_session and iclose_visitor with their purpose, type and duration, declare iClose as a processor, document hosting location and transfer mechanism, mention any proactive trigger or analytics module and offer a clear way to refuse non essential features.