× Globe

We notice that you’re on our UK site, the version that serves your region is the US Eckoh site.

Go to US site. Stay on UK site

GDPR Explained

Personal data now needs to be as secure as payment data.

As a contact center, you are more likely to be exposed to, handle, use or store personal data of your customers. That means that GDPR will apply to you.


Recent research by Thales Security revealed that half of UK consumers don’t believe commercial organisations care about their privacy. In fact, UK consumers are becoming increasingly reluctant to trust anyone with their personal information, especially in retail, banking or travel. What’s more, 77% suggested that a failure to comply with GDPR would negatively impact their perception of an organisation.

GDPR European Flags

What is GDPR

GDPR – General Data Protection Regulation – is intended to improve how data is protected as well as increasing the accountability for those organisations that suffer data breaches.

GDPR is the most comprehensive data privacy regulation to date and allows individuals to have better control over their own data. Because of this, it presents challenges to organisations who process personal data of any EU citizen – regardless of where that organisation is headquartered. Any organisation that handles or uses personal data from EU citizens are obligated to comply with GDPR, regardless of where they are based. If you don’t you could face heavy fines of up to €20 million or 4% of your global turnover.

lock on a table next to a payment card

Get in touch today

Get in touch today and find out how Eckoh can help you with your GDPR and PCI DSS compliance.

Talk to us today

What is ‘personal data’?


GDPR re-defines personal data as ‘any information relating to an individual, whether it relates to his, or her, private professional or public life’. This is a wider definition from previous data protection legislation and covers name, home address, photo, email address, bank details, social media posts, medical information and a computer IP address.


Any data set that can be used to identify an individual, is required to be regulated by GDPR.


GDPR & Brexit.


The UK Government has already stated that it will implement the same regulation for the UK so that after Brexit there will still be a common standard to apply to data protection. For that reason, compliance remains a priority - now and in the future.

GDPR Explained

Get in touch today

Finding this hard to understand? Get in touch today and find out how Eckoh can help you with your GDPR and PCI DSS compliance.

Talk to us today