Small business secrets...

How will GDPR affect your cloud phone?

Posted by Suzannah Hale on May 15, 2018 10:27:55 AM


GDPR is the new data protection legislation coming into action on the 25th of May 2018. As well as any customer data you collect or process, your cloud phone calls are also going to be affected. You’ll soon need a legitimate reason for retaining phone numbers and recording calls, notifying and gaining permission from the user before you do so. Likewise with contacting old leads by phone. If you’re storing lead data, the user must be informed and give consent.

What should you do as a VoIP user?

As all VoIP services offer call recording features, all businesses who wish to continue recording calls with leads and customers must give a legal justification, explaining why personal data is being recorded, by demonstrating the purpose fulfils any of six conditions:

  1. The people involved in the call have given consent to be recorded
  2. A recording is necessary for the fulfilment of a contract.
  3. A recording is necessary for fulfilling a legal requirement.
  4. A recording is necessary to protect the interests of one or more participants.
  5. A recording is in the public interest, or necessary for the exercise of official authority.
  6. A recording is in the legitimate interests of the recorder unless those interests are overridden by the interests of the participants in the call.

Why is there a change for voice recording?

Recorded conversations contain a lot of personal information including names, bank details, addresses and more. The current data protection act allows the recording of calls for a number of purposes, but GDPR is tightening the reigns and businesses need to take note.

Calls are recorded for training purposes...

You may think that the phase ‘calls are recorded for training purposes’ will cover you for GDPR, but unfortunately, they won’t. You’ll need a better reason, that fulfils one of the six conditions mentioned above if you want to keep recording calls. Businesses need to look at how they can change their processes (and possibly technologies) to better support the new-look data protection regulations. Read more about this here.

What to do next…

It’s better to be prepared and start implementing necessary changes in your data protection protocol in advance so you aren’t caught short at the last minute. There are also other areas in your business that you’ll need to ensure are compliant. See our ultimate guide to GDPR for more information as to how to get your business ready!

Final thoughts

GDPR is the biggest change to the way we store and process data in years; you’re business still has time to get ready for the new legislation (if you haven’t already). By complying with the new data protection laws, you’re not only playing by the rules. It will also show your customers that you respect their data too. Both of which will benefit your business. So start reading up and changing your business to comply today - It’s not too late! Check the ICO website for more information about GDPR.


Share and enjoy

If you have any questions or comments about this post, please fill in the comment box below.  Or send me an email:


Topics: Latest, VoIP

New call-to-action

About blog

A blog by bOnline for news, tip and insights for  UK 'micro-business' owners.

Subscribe to benefit from our weekly curated tips and tricks you'll need to start or grow your business. We focus mainly on insights related to UK business telecoms and the landline-free future.

Join the VoIP phone system revolution! 

Subscribe here!

Recent posts