GDPR at CloudTalk

The EU General Data Protection Regulation (GDPR) sets a new standard for how companies use and protect EU citizens’ data. CloudTalk is committed to supporting you in your journey to becoming GDPR compliant. Here’s an overview of GDPR at CloudTalk and how we are preparing for it.

Trust is the #1 thing in the cloud. CloudTalk is committed to provide a secure solution and protect your privacy.

Is CloudTalk’s call center solution GDPR compliant?

Yes, CloudTalk is currently GDPR compliant.

Additional security measures

Data encryption

CloudTalk encrypts all data sent via the website using the HTTPS protocol. CloudTalk also encrypts any sensitive information that is stored and salts and hashes passwords with the latest algorithms. We only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled. Calls made via our apps are also encrypted during the transfer from agents to CloudTalk.

Data hosting and storage

CloudTalk uses third-party data centers with industry-standard certifications (Tier III+ or IV, ISO 27001, PCI-DSS). All facilities include physical protection.

Failover and disaster recovery

CloudTalk was built with disaster recovery in mind. All of our infrastructure and data are spread across more availability zones and will continue to work if any one of those data centers fails.

Voice security

Login restrictions – Set up a list of countries from which you and your agents can sign in to CloudTalk.
International Calls – Specify the list of countries from which your agents can call. We highly recommend including only those countries that you actually need. You can also set a maximum daily credit for each agent.
Use these settings to increase the security of your call center.

Role-based permissions

Every user should use his own account to access CloudTalk. Assign the right roles to each of them – administrator, supervisor, analyst, agent.

API security

All data sent through CloudTalk REST API are encrypted by default (TLS/SSL only). API is restricted only for users with a username and secure API tokens.


All employee contracts include a confidentiality agreement.

Your personal information and data, including contact information and phone number, will be collected, processed, and retained pursuant to the CloudTalk terms and conditions. We will not otherwise share your contact number with any third parties

How can CloudTalk assist in your GDPR compliance efforts?

CloudTalk’s call center solution provides customers lots of features that can assist to enhance your security and become GDPR compliant. It is never too early to start with GDPR and review your organization’s security and data privacy practices. There are several ways in which CloudTalk can help you.

Delete contact: “Right to be forgotten” – You may delete contacts upon customers’ request at any time. Deleting a contact will remove all of its data except the calls themselves and call recordings. However, calls will no longer be assigned to a specific contact and can only be identified by using a phone number. You can also seamlessly delete the contact by using our API.

Delete call recording: When you need to delete your customer communication, you can do it by yourself. As soon as you delete the recording, it will be removed from all our services.

Access to recordings: You can set for each agent whether he can access the recordings and whether he can only play them or download them as well. With these settings, you can improve the security of your data.

Audit Log: “Right of access” – Our new interface lets you see who accessed your data. You will be able to easily find out when and which data have been accessed in CloudTalk and by whom.

Exporting your customer data: “Right of portability” – You can find your customers as “Contacts”. You can easily export the entire history of communications with a particular customer to an Excel file. And, if necessary, provide it to the customer. You can also export data using the API.

Remove data from integrations: Sometimes you need to delete the data from the integration (e.g. specific orders) but keep other data at the same time. Simply use our API to automatically delete those items or delete individual records directly through the CloudTalk interface in contact details.

Additional resources

Do you have any questions? Get in touch

Messages illustration


Connect Agents, Customers and Other Software, Together in the Cloud

Discover how CloudTalk can provide you with unparallel control over your customer’s experience and start matching their expectations today

Only company emails are allowed An error has occurred when checking the email An error has occurred