As a contact center, you are more likely to be exposed to, handle, use or store personal data of your customers. That means that GDPR will apply to you.

Recent research by Thales Security revealed that half of UK consumers don’t believe commercial organizations care about their privacy. In fact, UK consumers are becoming increasingly reluctant to trust anyone with their personal information, especially in retail, banking or travel. What’s more, 77% suggested that a failure to comply with GDPR would negatively impact their perception of an organization.

What is GDPR?

GDPR – General Data Protection Regulation – is intended to improve how data is protected as well as increase the accountability for those organizations that suffer data breaches.

GDPR is the most comprehensive data privacy regulation to date and allows individuals to have better control over their own data. Because of this, it presents challenges to organizations that process personal data of any EU citizen – regardless of where that organization is headquartered. Any organization that handles or uses personal data from EU citizens is obligated to comply with GDPR, regardless of where they are based. If you don’t you could face heavy fines of up to €20 million or 4% of your global turnover.

GDPR Circle
Padlock Card Circle

What is ‘personal data’?

GDPR redefines personal data as ‘any information relating to an individual, whether it relates to his, or her, private professional or public life.’ This is a wider definition from previous data protection legislation and covers name, home address, photo, email address, bank details, social media posts, medical information and a computer IP address.

Any data set that can be used to identify an individual, is required to be regulated by GDPR.

GDPR and Brexit

The UK Government has already stated that it will implement the same regulation for the UK so that after Brexit there will still be a common standard to apply to data protection. For that reason, compliance remains a priority - now and in the future.

Other areas of Compliance


If you take card payments, you need to be PCI DSS compliant



The Markets in Financial Instruments Directive now impacts a wider range of firms and people


Read more in our
Compliance Hub

Have any questions?
Get in touch