The new General Data Protection Regulations were highly anticipated prior to their introduction on the 25th May 2018. Following on from their implementation there has been confusion and complexities surrounding how to ensure all aspects of data collection and storage meet the requirements.

Any business that collects and stores personal information such as names and addresses, must ensure they are meeting the regulations, no matter how the information is collected, this is where call recording comes into question.

Overall, there is an understanding GDPR affect businesses who take personal customer information over the phone, which many do. However, to what extent can businesses record their external calls and how can they ensure their calls are meeting GDPR?

As meeting data regulations can be a complex task, we advise seeking the expertise of specialists within GDPR compliant call recording.

GDPR Summary

The new data protection regulations were introduced to replace the previous 1998 Data Protection Act.

As of 25th May 2018, companies throughout the European Union have been governed by the new legislation, designed to protect personal information and how this is used and stored by organisations. As the regulations are in place to protect consumer’s data, call recording must be compliant with the legislation.

Call recording is a form of data processing therefore it falls directly under the newly updated General Data Protection Regulations, therefore all calls that are recorded must be done so in a format that meets the requirements. The storage of the recordings is also vital in terms of the legislation, how long these can be kept and in what capacity the recordings are stored is laid out in the GDPR.

GDPR Compliant Call Recording: Key Factors

Overall it is important to remember the new regulations put the rights of the individual before the rights of the organisation, which previously wasn’t the case. This means that the collection and storage of customer’s personal data should be a high priority for any company.

As part of the General Data Protection Regulations there are key factors that businesses must meet to become GDPR compliant. As part of the process, if a business is recording calls, they must meet one of the following conditions:

  • Recording must be part of the contract
  • Recording must comply with legal requirements
  • Those in the call must have provided consent to be recorded
  • Recording provides protection for one or more people in the call
  • Required for public interest purposes
  • Recording is in the interest of the recorder (unless less important than the interests of the other party on the call)

Of course, becoming compliant with GDPR also comes down to the industry you work in, what information you are collecting and the reasons for this collection. Data protection regulations are a complex topic that shouldn’t be taken lightly.

Overall, the key takeaways from GDPR compliant call recording are to always ensure that you have permission to record the call prior to the recording starting and to ensure your customer fully understands what they are agreeing to in terms of data collection, storage and calls.

Speak to us

If you would like to know more about GDPR compliant call recording, do not hesitate to speak to a member of our telecoms team. We have implemented compliant systems for several of our clients throughout the North West.

To speak to a member of our team call us on 01282 500770 or email