Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
LiveTex is a Russian live chat, messaging, and customer engagement platform. Russia does not have an EU adequacy decision under GDPR, and Russian surveillance laws create a systemic conflict with EU privacy standards that makes data transfers to Russia extremely difficult to justify under GDPR. EU organisations using LiveTex for European users face significant compliance risks that require urgent assessment and likely replacement with an EU-compliant alternative.
LiveTex is a Russian live chat, messaging automation, and customer engagement platform. It provides chat widgets, chatbot capabilities, and omnichannel messaging tools. LiveTex is used primarily by Russian-speaking markets and is hosted on Russian infrastructure operated under Russian law. For European organisations, using LiveTex raises serious GDPR concerns that go beyond standard third-country transfer issues.
Russia does not have an EU adequacy decision under GDPR. Unlike the US transfer situation (where SCCs provide a workable mechanism), Russia presents a more fundamental problem. Russian federal law requires domestic data operators to store Russian citizens'' data on Russian territory, and Russian intelligence services have broad lawful access to data held by Russian-based operators. The CJEU''s Schrems II ruling established that SCCs cannot effectively protect EU data transfers where the destination country''s laws systematically undermine the rights they are meant to protect. Russia''s legal framework creates exactly this situation.
LiveTex collects chat conversation content, visitor IP addresses, browser and device information, session identifiers, and any personal data shared by visitors during chat. All data is processed and stored on Russian servers under Russian law and regulatory jurisdiction.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Even if ePrivacy consent is obtained, this does not validate the Russia data transfer under GDPR Chapter V. GDPR Article 49 derogations (explicit consent for specific transfer) may theoretically apply, but require the data subject to be specifically informed of the Russia transfer risks, and can only be used for non-repetitive transfers, not systematic chat data collection. The practical conclusion for most EU organisations is that LiveTex cannot be used compliantly for European users without an EU-hosted deployment option.
EU organisations currently using LiveTex should conduct an urgent DPIA to assess the Russia transfer risk, obtain legal advice on whether continued use is defensible, and actively evaluate migration to an EU-hosted live chat alternative. Continued use without a valid transfer mechanism exposes the organisation to GDPR enforcement risk. EU-based alternatives include Ninchat (Finland), Userlike (Germany), Vergic (Sweden), and Crisp.chat (France).
Websites using LiveTex must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is mandatory for LiveTex deployments involving EU users. The transfer to Russia — a country whose surveillance laws are incompatible with GDPR — creates a high-risk processing profile that requires formal assessment. The DPIA should specifically evaluate whether the Russia transfer can be justified under any GDPR Article 49 derogation.
Sample consent text
We use LiveTex to provide live chat support. LiveTex processes your conversation data on servers in Russia. Russia does not have an EU data protection adequacy decision. Please accept to enable the chat feature.
Third-party domains contacted
livetex.ruapp.livetex.ruapi.livetex.ruCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| lt_session | session | Session | Session identifier used to maintain the active LiveTex chat session — processed on Russian infrastructure |
| lt_uid | persistent | 1 year | Visitor identifier used to recognise returning users — processed on Russian infrastructure |
LiveTex uses cookies for user preferences — inform visitors with a consent banner.
LiveTex faces severe GDPR compliance challenges for EU users. Russia has no EU adequacy decision, and Russian surveillance law creates a systemic conflict with GDPR standards. The Schrems II ruling means SCCs may not effectively protect data transferred to Russia. EU organisations should urgently assess whether continued use is defensible.
Unlike the US, where SCCs provide a workable transfer mechanism, Russia's domestic data law and intelligence service access rights create a more fundamental incompatibility with EU data protection standards. The CJEU established in Schrems II that transfers cannot rely on SCCs when destination country laws systematically undermine the protections they are meant to provide. Russia's legal framework presents exactly this situation.
LiveTex processes chat conversation content, visitor IP addresses, browser and device information, session identifiers, and any personal data voluntarily shared by visitors during chat. All processing occurs on Russian infrastructure under Russian legal jurisdiction.
No. GDPR Article 49 allows Article 49(1)(a) derogation transfers with explicit informed consent, but only for non-repetitive transfers, not for systematic ongoing data collection. Using consent as the basis for repeatedly collecting chat conversation data and sending it to Russia is not compliant with the spirit or text of GDPR Article 49.
Yes, a DPIA is mandatory. The Russia transfer to a country without EU adequacy and with incompatible surveillance laws, combined with real-time collection of personal conversation data, meets multiple GDPR Article 35 trigger criteria. The DPIA should specifically assess whether the transfer can be justified under any Article 49 derogation.
Conduct an urgent DPIA and seek legal advice on continued use. Begin evaluating EU-hosted live chat alternatives. Consider temporarily disabling LiveTex for EU users while migration is planned. Notify your DPO or privacy officer of the situation. Document your assessment and decision in writing.
Ninchat (Finland), Vergic (Sweden), Userlike (Germany), and Crisp.chat (France) all provide EU-hosted live chat with no Russia or US transfer concerns. For AI chatbots specifically, Jenny (Finland) and Boost.ai (Norway) provide EU-hosted AI chat. All these alternatives eliminate the problematic Russia transfer.
As of the available information, LiveTex does not offer EU data residency. All data is processed in Russia. If LiveTex has introduced EU hosting options, this should be specifically confirmed in writing and reflected in a DPA that restricts processing to EU infrastructure exclusively.