How Can I Add Value? (Customer Contact Centers): [the GDPR Series (14)]

Summary: A focus on customer contact centers and GDPR can allow businesses to build strong bonds of trust and drive incremental revenue streams and ultimately competitive edge.

  • Customer contact centers can be a point of great value addition while supporting GDPR.
  • Companies can extend GDPR style protection through their contact centers.
  • Training, recording and outsourcing processes of customer contact centers need to be synchronised in line with GDPR.

Article excerpts from my forthcoming book – 99 Articles on the GDPR

I’ve been advising a fantastic startup in the customer success space, Cleo. Through interactions with the team, I realized that contact centers (i.e. customer success and customer service) have long been an avenue to understand the issues faced by customers but also a channel in which organizations can help to create the profile of the customer itself. So, it comes as no surprise that the customer contact center becomes part of the purview of the GDPR, especially as our world becomes more complex and global.

Complexity breeds authenticity in data and customers.

The GDPR has created a body that not only regulates its states but those states and countries that interact with EU citizens. The protectionist nature of the regulation creates tough decisions for organizations. The simple choice to avoid penalty may be to revise your total addressable market to be non-EU citizens. However, for organizations that have created the meticulous profile of their customers through marketing, sales and contact centers, the competitive choice would be to extend GDPR-style protections to your entire customer base.


Similar to any other part of an organization, the contact center must handle data and technology on a daily basis. The risk of data breaches is not only a result of the technology that is being used but the personnel processing sensitive data. So it’s important that contact center personnel are trained to handle data before, during and after correspondence with customers.

GDPR-related inquiries can be taken on just as customer success/service does any other problem: by executing GDPR-related requests with automated solutions, speeding and simplifying that delivery in a compliant manner via workflow, and providing information and answers to with knowledgebase articles.


The main change that GDPR will bring to the contact center industry is that they will have to able to justify the requirement to record in the first place.

To be able to record calls, businesses must meet one of the following six reasons:

· The people involved in the call have given consent to be recorded

· A recording is necessary for the fulfillment of a contract

· A recording is necessary to fulfill a legal requirement

· A recording is necessary to protect the interests of one or more participants

· A recording is in the public interest, or necessary for the exercise of official authority

· A recording is in the legitimate interests of the recorder unless those interests are overridden by the interests of the participants in the call


As you may have well noticed, the business of contact centers has been outsourced to many English-speaking countries or automated through technology. While these partners may not technically be a part of an organization, they are still data controllers under the GDPR so not only must process be central to compliance but software linked to the call center. The rights of data subjects (such as access to their data and receiving copies of the data) need to be supportable by all the software used and may require new business processes to comply.

GDPR Requests

The GDPR comes with many requirements that include the right of individuals to be forgotten, data transfer, visibility and access to any registered data. Therefore contact centers will be tasked to understand where data is stored, its relevance and accessibility as customers will initially inquire at the contact center for any data requests. Having a true understanding of the customer will make these requests easier. The broader the collection of information, the more stringent the process must be to store and access data. Contact centers should prepare for an increase in support cases related to GDPR.


The evolution of the contact center through GDPR compliance will reap benefits for organizations that truly focus on the customer. It’s long been understood that prompt service for better business outcomes means comprehensive customer data that can tie into the product and marketing lifecycle. However, keeping customer data updated, relevant and secure can lead to a path of improved customer experience, brand awareness and GDPR compliance

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.