Yay.com loading


Error Sorry


Shopping Basket

Basket Total



Delete everything from your basket?

Go to Checkout
Back to latest posts

Phone Call Recording and GDPR

Phone Call Recording and GDPR

Important Note: The below is offered for guidance only and is the subjective opinion of the author. We strongly advise appropriate legal advice is retained.

A common question we've been asked a lot in recent months is ‘what about Call Recordings and GDPR?’. Call Recordings are principally legislatively controlled already by the The Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000; often referred to us the "Lawful Business Regulations". In summary these state at 3-(1) that you can only record a call under one of these circumstances:

  • To provide evidence of a business transaction.

  • To ensure that a business complies with regulatory procedures.

  • To see that quality standards or targets are being met in the interests of national security.

  • To prevent or detect crime.

  • To investigate the unauthorised use of a telecom system.

  • To secure the effective operation of the telecom system.

Most importantly, the same regulations state at 3-(2) c that reasonable efforts must always be made to ensure the caller and callee both know their call is being recorded or monitored.

The addition of the General Data Protection Regulations (GDPR) simple means any personal data recorded and/or monitored is even more tightly controlled. It's vital you have procedures and steps in place to contract whom has access to that Call Recording data, how it is stored and how you are protected in the event of data theft. At Yay.com, we also do a lot more to protect your call recordings.

  • 1. All our call data is AES (Advanced Encryption Standard) encrypted. Every last bit. When we store it, we do so by encrypting that file on our disks. It's only then decrypted by us, with our unique, protected and inaccessible key, when you wish to retrieve some of that data. In fact, we don't just do this with call recordings, we do it with all our data.

  • 2. We support SRTP, the secure form of audio transmission that can be used when your devices and applications communicate with us. The large majority of devices/applications don't support this by default, so we allow you to selectivity enable/disable in Your Account.

  • 3. We let you activate and deactivate Call Recordings inbound per number/call route and outbound/internally by SIP User

  • 4. We provide a short-code feature that temporarily pauses and resumes call recordings. For example, if you wished to collect payment card details by phone you could omit this permanently from a call recording on demand with this feature.

  • 5. From the 25th May, you'll be able to delete all your call recordings and/or a selection of your call recordings permanently simply by accessing them from Your Account.

We hope this helps offer some guidance on the subject of call recordings and General Data Protection Regulation (GDPR). If you'd like to find out more about the call recording feature available as part of our business VoIP phone system, check out the dedicated Call Recording page.

Back to latest posts

Blog Archive

ISO 27001 Business Continuity Accreditation ISO 22301 Business Continuity Accreditation Cyber Essentials Certificate of Assurance G-Cloud accredited by the Crown Commercial Service