The General Data Protection Regulation (GDPR) is a sweeping new European Union (EU) privacy law that comes into effect on May 25, 2018. Here you can find answers to lots of frequently asked questions regarding GDPR.
- What is personal data?
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which when collected together can lead to the identification of a particular person, also constitute personal data. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as - name, email address or location, and also online identifiers like IP address, various types of website cookies and other device identifiers.
Personal data that has been rendered anonymous in such a way that the individual is not or no longer identifiable is no longer considered personal data. For data to be truly anonymised, the anonymisation must be irreversible.
For example: Call recording containing personal data like name, SSN, location, social identity etc.
- Is CloudTalk's call center solution GDPR compliant?
Yes, CloudTalk is currently GDPR compliant.
- Can CloudTalk assist my company with responding to an Individual Rights Request (Subject Access Request)?
As a processor of personal data for many of our customers, we will assist you with responding to individual rights requests that you receive under the GDPR. But in many cases, you can resolve these types of requests by logging into CloudTalk and process any action you need. Where this is not possible, please contact us.
- Where does CloudTalk store our data?
Our goal is to provide our customers with secure, fast, and reliable services. As a provider of global services, we run our services under multiple jurisdictions around the world. Data is stored in the data center closest to the location of our customers. For more information about services we use, please check our page about CloudTalk subprocessors. We will hold any subprocessors that handle personal data, including our data center partners, to the same data management, security, and privacy practices and standards to which we hold ourselves.
- How does CloudTalk secure my data?
We have implemented organizational and technical safeguards to secure all of your data. For more information on security please take a look at our GDPR or Security pages.
- Does CloudTalk use subprocessors to further process customer data?
A list of our subprocessors can be found on CloudTalk Subprocessors page.
- For how long do you store customer data?
We store customers' data only for the time of using our services or until they delete the app.
- If I use CloudTalk as my call center solution, does my business comply with GDPR?
Not automatically. While CloudTalk is GDPR-compliant and provides tools to help you comply with GDPR, it is your responsibility to ensure that your business itself complies with GDPR. Using CloudTalk itself does not guarantee that the company complies with GDPR, but it will certainly make it easier for you. Also, check whether other third party services you use also comply with GDPR.
- What is the advantage of a cloud service in terms of GDPR compliance?
Being GDPR compliant means large investments in time, expertise and costs. Services that are part of the cloud ecosystem use the most advanced security procedures and make changes at the global level a lot easier, at the same time and for everyone without exception. This creates a safe environment for managing and processing your data and also accommodating efforts required to keep pace with changing policies.
- What does Brexit mean for GDPR?
Brexit has no implications on GDPR. You have to comply with GDPR. The UK will not have completed their withdrawal from the EU when the GDPR goes into effect. In addition, if companies based in the UK process data of EU residents, they will always fall under the GDPR, no matter if the UK is a member of the EU or not.
Find more information about CloudTalk's call center system and GDPR here.