Estimated reading time: 10 minutes | Target users: Administrators, Supervisors

The General Data Protection Regulation (GDPR) came into force on May 25 2018. GDPR aims to strengthen data protection across the EU, while giving people more control over how organizations can use their personal data. As call and contact centers work with a huge volume of data, it’s more important than ever to make it transparent to your clients where you collected their data from, how you are managing their data, and to make sure you erase data on request without undue delay. At VCC Live, data protection is our utmost priority. Not only do we enforce privacy safeguards within the company, but we also design our products and services with privacy principles at their core.

In this tutorial, we’ve compiled all VCC Live functions we believe will make it easier for you to manage your customers’ data, as well as describe what data are deleted after contract termination.

For more details on how GDPR affects call centers, see our How GDPR affects call centers ebook.

Warning: This tutorial does not constitute legal advice. Should you have any legal questions regarding GDPR, please contact your lawyer or legal advisor. VCC Live does not take any responsibility or liability for any damages, disadvantages or losses that may arise from the results of any interpretation of the content in this tutorial.

In this lesson, you will learn:*

• How to delete projects and how project data is affected
• How to pseudonymize your contacts
• How to manually or automatically delete call recordings
• How to have control over which calls are recorded
• How to force password change upon next login

1. Deleting Projects

You can delete projects that are no longer used, for example, when a campaign is completed. Deleting projects is the easiest way to remove a large volume of client data from a specific period.

1.1 What Data is Erased

When you delete a project, the following project data and resources are erased:

• Generic project settings
• List of assigned agents and teams
• Inbound and outbound settings, including dialer parameters and inbound processes
• Email and SMS templates, including messages sent and received
• Chat settings and conversation history
• Project database, including fields, records, and quota
• Dispositions
• Datasheets and scripts
• Tickets

The deleted project will be still listed on the deleted projects list, but as a blank project. The blank project is preserved only for statistical purposes (so that your global statistics are not affected), and no personal data is stored anywhere or can be restored in any way.

1.2 To Delete Projects

Before deleting a project, you must deactivate it. You can then delete projects one by one (See Deleting a project, or delete multiple projects in one go using mass project actions (see Mass project actions).

2. Managing Call Recordings

Perhaps one of the most confusing areas in the new GDPR regulations affecting call centers is the handling, processing, and maintaining of call recordings. Call recordings are considered personal data, as they can include personal information, such as the caller’s name, address and financial information.

2.1 How GDPR Affects Call Recordings

To record calls, you need to ensure that your customers give specific and unambiguous consent to be recorded. You also need to justify that your purpose for recording calls fulfills one of the conditions below:

• Individuals involved in the call have given their consent to be recorded (oral acceptance during the call, consent after receiving a message, or consent as part of a customer agreement)
• Recording is required to fulfill a contract to which the individual is a party
• Recording is required to fulfill a legal obligation to which the recorder is subject
• Recording is required to protect the interests of one or more participants
• Recording is in the public interest
• Recording is in the recorder’s interest unless those interests are less important than the interests of the individuals in the call

2.2 To Allow or Disable the Call Recorder Function

Whether you need to record an entire conversation or only specific parts of the conversation, there are a number of ways to start the call recorder during calls.

For more details about call recording in VCC Live, see The Basics of Call Recording.

3. Deleting Call Recordings

As call recordings are considered personal data, you must be able to delete them immediately when requested by a customer. In VCC Live, you can delete call recordings one-by-one or in one go.

Note: Deleting call recordings via the VCC Live application won’t delete call recordings that have been previously archived or downloaded, or are located somewhere other than on your VCC Live server.

3.2 To Delete a Specific Call Recording

Should you ever need to delete a specific call recording upon request, you delete call recordings one by one on the CDR log worksheet.

You can easily find any call recording within a project using the advanced search function, which allows you to search for records by date and time, agent or team, disposition used, caller’s or the called number, and more.

For more details on how to delete a call recording, see To Delete a Call Recording.

3.3 To Automatically Delete All Call Recordings Older Than a Set Time Period

Our auto-delete call recording function allows you to set a specific month. Any call recordings older than the specified month will be automatically deleted when they reach the set time period.

For more details on how automatically delete call recordings when they reach a specified time, see To Automatically Delete Call Recordings After a Set Time Period.

3.4 To Automatically Delete All Call Recordings with a Specific Dispositions

Whenever agents finish a call, they are required to allocate a disposition to the record to indicate the outcome of the call. As a result, each call recording has a record, allowing you to filter for call recordings based on dispositions. You can set call recordings with the disposition you specify to be deleted automatically after a set amount of days.

For more details on how to enable this feature, see To Automatically Delete Call Recordings After a Set Time Period for Records with a Specific Disposition.

4. Pseudonymizing Database Contacts

Call centers process a large volume of data, including records and contacts, which are both considered personal data, as they include information such as the name and phone number of customers.

You may face an issue such having to remove a contact from your database upon request, but the project is still active and you cannot delete the project. In this case, you can pseudonymise or mask the data. You can do this by simply replacing details in the specific records with fake ones, for example, by replacing the name of the customer with a pseudonym (alias), or replacing the phone number with a random series of numbers.

4.1 To Update Contacts

In order to mask any data for your records, you can use the Mass update contacts function, which allows you to replace the details of one or more contacts in your database with new details.

For more details about using this function, see To Update Contacts.

Be Sure to Check Back Later

This tutorial is regularly updated to include the latest functions we deploy that can help you meet privacy requirements.