It is vital for businesses to understand what GDPR is and implies, as it is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. This means that if you are dealing with even just one EU client, you should be General Data Protection Regulation (GDPR) compliant. For non-compliance, the fine framework can be up to 20 million euros, or in the case of a company, up to 4% of their total global turnover in the previous fiscal year, whichever is higher.
Why will it impact in your contact center?
General Data Protection Regulation significantly expands customers’ rights over their personal data. The following are just some important points Contact Centers should bear in mind when managing clients.
- Consent: The GDPR establishes how companies have to ask for customer’s consent to use their personal information. A request for consent cannot be camouflaged under long terms and conditions; it has to be clearly distinguishable from other matters. Check boxes can no longer be used to indicate consent, and making clients give more personal information in exchange for extra features isn’t allow any more.
- Access: With the regulation, you need to be able to locate every piece of customer data stored within your system and communicate how it’s used, if a customer requests that information, within a month.
- Erasure: It empowers customers to ask the company to delete or correct any personal data. This request has to be complied as long as the data is no longer needed to achieve the purpose for which it was originally gathered or your legal basis for gathering it was the individual’s consent.
- Security: Requires company to keep data safe, so if there is a security breach, companies must inform their national regulator within 72 hours of realizing it.
This cannot be covered with old technology, this is why companies have to adopt a technology stack that includes all the GDPR principles. Organizations must be able to demonstrate that their technical systems operationally adhere to data protection principles and rights. As our customer’s security is the #1 thing for us, we will be taking GDPR as an opportunity to raise the bar for their data protection. As a contact center software, we are completely GDPR compliant.