What we collect, why, and how we keep it safe.

This Privacy Policy explains how Live Agents (“we,” “us,” or “our”) collects, uses, discloses, and safeguards information through our website at https://liveagents.io, our client and worker dashboards, our recruiting and training program, and any related services (the “Services”).

We are committed to processing personal information lawfully, fairly, and transparently. This policy is written to be read; if something here is unclear, write to us at info@liveagents.io and we will explain.

For information collected through the public website, the client dashboard, and recruiting workflows, Live Agents is the “controller” (or equivalent under applicable law).

For personal information that a client uploads or shares with a contractor in the course of an Engagement (for example, customer-record data the contractor processes on the client’s behalf), Live Agents acts as a “processor” for the client. Those activities are governed by our Data Processing Agreement.

We collect the following categories of information:

Account info

Name, work email, company, role, billing address, password hash, and authentication tokens.

Lead & contact info

Inputs you submit through forms (discovery call, contact form, worker application), routed to our CRM and email systems.

Payment info

Payment method tokens and last-four digits, stored with our PCI-compliant processor (Stripe). Full card numbers never touch our servers.

Dashboard activity

Logs of who viewed what inside your dashboard, including admin and ghost-mode access, retained for security and audit.

Work-session signals

From the contractor's tracker only during clocked-in time: idle status, active application or URL category, periodic screenshots where enabled, keystroke and click counts (counts only — not contents).

Device & connection

IP address, device type, OS, browser, language, time zone, referrer, and crash logs, used for security and product analytics.

Cookies & similar tech

First-party cookies for authentication and preferences; minimal analytics cookies. We do not use cross-site advertising trackers.

Recruiting data

For applicants: résumé, work history, references, assessment scores, interview notes, and government-issued ID where required by Philippine law for employment screening.

Communications

Email, in-app messages, recordings of consented support calls, and tickets, retained for support history and quality.

We do not knowingly collect special-category data (for example, health, biometric identifiers, racial or ethnic origin) through the public Services. If you provide such information voluntarily, please limit it to what is necessary.

• Operate the Services — match clients with contractors, run the dashboard, capture activity for billing and oversight, process payments, send invoices, route support.
• Quality & safety — supervise contractors, investigate misuse, prevent fraud, enforce our Terms, comply with legal obligations.
• Communicate — respond to inquiries, send transactional emails (account, billing, security), and — only with your consent or where permitted by law — product updates and offers.
• Improve — analyze aggregated usage to improve the dashboard, training curriculum, and matching algorithms. We use aggregated and de-identified data wherever possible.
• Recruit & train — evaluate applicants, run our training program, conduct background checks where law permits, and place qualified contractors with clients.
• Comply with law — respond to lawful requests, enforce contracts, and protect our rights and the rights of our clients and contractors.

Where applicable law (such as the EU GDPR, the UK GDPR, or the Philippines Data Privacy Act) requires a lawful basis for processing, we rely on:

• Contract — to provide the Services you have signed up for.
• Legitimate interests — to operate, secure, and improve the Services, and to enforce our Terms, where these interests are not overridden by your rights.
• Consent — for marketing, optional cookies, and any feature requiring opt-in. You can withdraw consent at any time.
• Legal obligation — to satisfy tax, financial-reporting, employment-screening, anti-money-laundering, and similar requirements.

We share information only with the parties below, only for the purposes described, and only under contractual confidentiality and data-protection obligations.

Service providers

Hosting (AWS, Vercel), database (Supabase), payments (Stripe), email delivery (Resend), error monitoring, customer-support tooling, and identity providers. A current sub-processor list is available in the DPA.

Engaging clients

If you are a contractor, your name, role, photo, and clocked-in activity are visible to the engaging client. Off-clock activity is never shared.

Authorized supervisors

Live Agents supervisors and Trust & Safety reviewers may access dashboards for quality, fraud, and policy investigations. All access is logged.

Legal & safety

We may disclose information when required by law, to enforce our Terms, to protect rights, property, or safety, or in response to valid legal process. We push back on overbroad requests.

Corporate transactions

In a merger, acquisition, financing, or sale of assets, information may transfer subject to confidentiality and continued protection consistent with this Policy.

Our team operates from the Philippines, our infrastructure is hosted in the United States, and our clients are global. Where personal information is transferred across borders, we rely on appropriate safeguards including the Standard Contractual Clauses (EU/UK), the Philippine Data Privacy Act’s data-sharing rules, and equivalent mechanisms.

We keep personal information only as long as necessary:

• Account & billing records — for the duration of the relationship plus seven (7) years for tax and accounting.
• Lead form submissions — twenty-four (24) months from last activity, then deleted or anonymized.
• Work-session screenshots — ninety (90) days from capture by default; clients may configure shorter or longer retention up to twelve (12) months in their settings.
• Activity logs (idle/active timestamps) — twelve (12) months for billing reconciliation and auditing.
• Recruiting data for applicants not hired — eighteen (18) months, then deleted unless the applicant opts in to remain in the talent pool.
• Support and communications — three (3) years.

Depending on where you live, you may have the right to:

• Access the personal information we hold about you;
• Request correction of inaccurate information;
• Request deletion of your personal information (the “right to be forgotten”);
• Object to or restrict certain processing;
• Receive a portable copy of your data;
• Withdraw consent for any consent-based processing;
• Lodge a complaint with a supervisory authority (in the Philippines: the National Privacy Commission; in the EU: your local DPA).

To exercise any of these rights, write to info@liveagents.io. We will respond within thirty (30) days, or sooner if required by law. We may need to verify your identity before fulfilling the request.

We use industry-standard administrative, technical, and physical safeguards including encryption in transit (TLS 1.2+) and at rest, scoped access controls, MFA on all administrative consoles, dedicated MDM-managed devices for contractors, security monitoring, and incident-response procedures. No system is perfectly secure, but we commit to notifying affected parties without undue delay when a breach materially affects them, in accordance with applicable law.

The Services are not directed to children under 16, and we do not knowingly collect their personal information. If you believe we have collected information from a child, contact us and we will delete it.

We use a minimal set of cookies for authentication, security, and to remember your preferences. Optional analytics cookies are subject to your consent in jurisdictions that require it. You can configure your browser to refuse cookies, though parts of the Services may not function correctly.

We may update this policy from time to time. We will post the revised policy with a new effective date and, for material changes, give notice through the dashboard or by email at least fifteen (15) days before the changes take effect.

For privacy questions, requests, or to reach our Data Protection Officer, write to info@liveagents.io.

Postal address: Live Agents, Cebu IT Park, Cebu City, Philippines.