Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
Vergic is a Swedish digital customer engagement platform providing live chat, co-browsing, video, and messaging capabilities for customer service. As a Swedish EU-based company, GDPR applies directly and no third-country transfers are required for standard deployments, making Vergic one of the most privacy-compliant digital engagement platforms available. Consent is still required before the widget script loads under the ePrivacy Directive.
Vergic is a Swedish digital customer engagement platform that provides live chat, co-browsing, video calling, and messaging capabilities for customer service teams. It is used primarily by banks, insurance companies, retailers, and public sector organisations in Scandinavia and across Europe. Its co-browsing feature allows customer service agents to view and interact with the customer''s browser in real time, enabling guided assistance for complex online processes such as form completion, product selection, or account management.
Vergic collects session identifiers, IP addresses, browser and device information, conversation content, co-browsing session data, and timestamps. In video or co-browsing sessions, the platform may capture screen content visible in the shared browser area. If user identity is passed via the Vergic API (name, customer ID), this data is linked to the session record. Conversation logs are retained for quality assurance and agent training purposes, with configurable retention periods.
Vergic''s Swedish origin provides a significant GDPR advantage. Sweden is an EU member state and Vergic operates its infrastructure entirely within the EU. No Standard Contractual Clauses or adequacy decisions are required for data transfers, as no transfer outside the EEA occurs. This eliminates the primary GDPR risk associated with US-based engagement platforms. The ePrivacy Directive still requires consent for non-essential cookies set by the widget, and co-browsing sessions in regulated sectors may require specific disclosure and consent.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
ePrivacy consent is required before the Vergic widget script loads. For the conversation and co-browsing data processed when a user actively initiates a session, legitimate interest or contract performance may apply without additional consent. Users should be informed through a privacy notice in or adjacent to the widget that the session is processed on EU servers by Vergic. For co-browsing sessions where screen content may be visible to the agent, users should give explicit in-session consent before the co-browsing is activated.
Vergic processes all data within the EU. No third-country transfer mechanism is required. This is a significant differentiator from US-based engagement platforms like Intercom, Drift, or Zendesk Chat, which all require SCCs. For regulated European organisations with strict data sovereignty requirements, Vergic''s EU infrastructure provides full compliance without the complexity of managing transfer safeguards.
To deploy Vergic compliantly: obtain ePrivacy consent before the widget loads; include a privacy notice informing users that conversations are processed on EU servers; obtain explicit in-session consent before activating co-browsing; sign a DPA with Vergic; update your privacy policy to describe the engagement platform and EU data location; configure conversation log retention in the Vergic admin panel; conduct a DPIA if used for sensitive data in regulated sectors; and document the processing in your RoPA noting the EU data location.
Websites using Vergic must obtain user consent under GDPR regulations.
DPIA considerations
A DPIA is advisable when Vergic is used to process sensitive customer data through co-browsing or video sessions in regulated sectors such as banking or healthcare. The EU data residency significantly reduces the overall risk profile.
Sample consent text
We use Vergic to provide live chat and digital customer service. Vergic processes your conversation data on EU servers in Sweden. Please accept to enable the chat and co-browsing features.
Third-party domains contacted
vergic.comengage.vergic.comapi.vergic.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| vg_session | session | Session | Session identifier used to maintain the active chat, co-browsing, or video engagement session |
| vg_uid | persistent | 1 year | Visitor identifier used to recognise returning users and maintain session continuity |
Vergic uses cookies for user preferences — inform visitors with a consent banner.
Vergic collects session identifiers, IP addresses, browser and device information, and chat conversation content. Co-browsing sessions transmit the visitor's browser view to the support agent in real time. Video sessions process WebRTC media streams. Session logs and transcripts are retained for quality assurance, with configurable retention periods.
Yes. Consent is required under the ePrivacy Directive before the Vergic widget script loads. For co-browsing, additional in-session consent must be obtained before the agent can view the customer's screen. For session recording, informed consent from all participants is required. The EU data location simplifies the consent notice as no US transfer needs to be disclosed.
Consent (Art. 6(1)(a)) is required for non-essential tracking cookies. For conversation and session data processed when a user actively initiates a chat, legitimate interest (Art. 6(1)(f)) or contract performance (Art. 6(1)(b)) may apply. Co-browsing requires explicit per-session consent. Recording requires consent from all participants under the ePrivacy Directive's communications confidentiality provisions.
No. Vergic is a Swedish company that processes all data within the EU. No transfer mechanism under GDPR Chapter V is required. This is a significant privacy advantage compared to US-based digital engagement platforms and makes Vergic suitable for organisations with strict data localisation requirements.
A DPIA is generally not required for standard chat and engagement deployments given the EU data location and relatively low risk profile. It becomes advisable when co-browsing or video sessions may capture sensitive screen content (financial data, health information, personal documents) or when session recordings are processed at scale.
Obtain ePrivacy consent before the widget loads. Configure in-session co-browsing consent prompts. Obtain recording consent from all participants before any session recording begins. Update your privacy policy to describe Vergic as a processor with EU data storage. Sign a DPA with Vergic. Document the processing in your RoPA. Configure session log retention limits.
Vergic processes all data within the EU under Swedish and EU data protection law. No third-country transfer mechanism is required, eliminating the main GDPR compliance risk associated with US-based alternatives like Intercom, Drift, or Zendesk. For Nordic public sector, banking, and insurance organisations with strict procurement requirements, Vergic's EU infrastructure is a decisive advantage.
Co-browsing consent must be explicit and obtained before the agent can access the customer's screen view. Implement a clear in-session prompt stating that the agent will be able to see the customer's browser screen, what the agent can see and interact with, that the session may be recorded, and how to end the co-browsing session at any time. Consent must be logged with a timestamp. Customers must be able to revoke co-browsing access without ending the support session entirely.