The EU General Data Protection Regulation (GDPR) sets a new standard for how companies use and protect EU citizens’ data. CloudTalk is committed to supporting you in your journey to becoming GDPR compliant. Here’s an overview of GDPR at CloudTalk and how we are preparing for it.
Trust is the #1 thing in the cloud. CloudTalk is committed to provide a secure solution and protect your privacy.
Is CloudTalk’s call center solution GDPR compliant?
Yes, CloudTalk is currently GDPR compliant.
Additional security measures
CloudTalk encrypts all data sent via the website using the HTTPS protocol. CloudTalk also encrypts any sensitive information that is stored and salts and hashes passwords with the latest algorithms. We only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled. Calls made via our apps are also encrypted during the transfer from agents to CloudTalk.
Data hosting and storage
CloudTalk uses third-party data centers with industry-standard certifications (Tier III+ or IV, ISO 27001, PCI-DSS). All facilities include physical protection.
Failover and disaster recovery
CloudTalk was built with disaster recovery in mind. All of our infrastructure and data are spread across more availability zones and will continue to work if any one of those data centers fails.
Login restrictions – Set up a list of countries from which you and your agents can sign in to CloudTalk. International Calls – Specify the list of countries from which your agents can call. We highly recommend including only those countries that you actually need. You can also set a maximum daily credit for each agent. Use these settings to increase the security of your call center.
Every user should use his own account to access CloudTalk. Assign the right roles to each of them – administrator, supervisor, analyst, agent.
All data sent through CloudTalk REST API are encrypted by default (TLS/SSL only). API is restricted only for users with a username and secure API tokens.
All employee contracts include a confidentiality agreement.
Your personal information and data, including contact information and phone number, will be collected, processed, and retained pursuant to the CloudTalk terms and conditions. We will not otherwise share your contact number with any third parties
How can CloudTalk assist in your GDPR compliance efforts?
CloudTalk’s call center solution provides customers lots of features that can assist to enhance your security and become GDPR compliant. It is never too early to start with GDPR and review your organization’s security and data privacy practices. There are several ways in which CloudTalk can help you.
Delete contact: “Right to be forgotten” – You may delete contacts upon customers’ request at any time. Deleting a contact will remove all of its data except the calls themselves and call recordings. However, calls will no longer be assigned to a specific contact and can only be identified by using a phone number. You can also seamlessly delete the contact by using our API.
Delete call recording: When you need to delete your customer communication, you can do it by yourself. As soon as you delete the recording, it will be removed from all our services.
Access to recordings: You can set for each agent whether he can access the recordings and whether he can only play them or download them as well. With these settings, you can improve the security of your data.
Audit Log: “Right of access” – Our new interface lets you see who accessed your data. You will be able to easily find out when and which data have been accessed in CloudTalk and by whom.
Exporting your customer data: “Right of portability” – You can find your customers as “Contacts”. You can easily export the entire history of communications with a particular customer to an Excel file. And, if necessary, provide it to the customer. You can also export data using the API.
Remove data from integrations: Sometimes you need to delete the data from the integration (e.g. specific orders) but keep other data at the same time. Simply use our API to automatically delete those items or delete individual records directly through the CloudTalk interface in contact details.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.