Discover how our products can revolutionize the way you communicate and collaborate.


Explore our advanced voice solutions designed to optimize your communication workflows.

Diverse range of DID number solutions designed to enhance your communication capabilities.

Experience unparalleled communication efficiency with our advanced SIP Trunking Solutions.

Cutting-edge technology to proactively detect and neutralize spam flags on your DID Numbers.


Wherever your audience is, our platform ensures seamless messaging across diverse channels.

Build customer journeys by fostering interactive conversations, all within the framework of your app. 

Connect with your audience in a simple and effective way through our cutting-edge SMS platform. 


Harness the power of IDT as your chosen carrier while leveraging your platform’s advanced features and services.

Integrate Twilio with our robust carrier routing platform to achieve unparalleled Voice termination system.

Experience reliable and high-quality communication services while leveraging the advanced capabilities of Genesys. 

Integrate IDT with the collaborative strength of MS Teams, unlocking efficient and feature-rich communication. 

Experience the power of our carrier network seamlessly connected to Plivo through our cutting-edge BYOC solution. 


Experience the power of our online voice tools, designed to simplify communication management. 

Ensure the authenticity and integrity of outbound calls with our STIR/SHAKEN Verification Check tool. 

User-friendly tool to verify the reputation of your business number, ensuring that it remains trusted. 

Compare and gain insights into outbound call expenses, optimize budget, and make informed decisions. 

Easily estimate and compare the costs associated with different DID numbers providers. 

Compare inbound VoIP rates among top CPaaS providers and optimize your inbound call costs. 

Generate custom SMS templates. 


Empower yourself with the resources you need to thrive in the dynamic landscape of communication.

Articles covering a wide range of topics.

Get answers to common queries.

Find instructions to make the most of our products.

Discover telecom insights and trends.

Find definitions of popular telecom terms.

Explore how our solutions have helped businesses.

Latest telecom trends, innovations, and market insights.


A global telecom partner built to meet your needs. 

Discover the story behind our commitment to delivering innovative solutions to connect people and businesses worldwide. 

Learn about our robust network infrastructure that spans across the globe, ensuring reliable and secure connectivity. 

Got a question, feedback, or need assistance? Our dedicated team is here to help!

Find partners or sign up for partnership programs.

Learn / Blog

How Will GDPR Affect the Call Center?

|  4 min
In this article

The General Data Protection Regulation (GDPR) is set to expand on current data protection laws whilst introducing a range of new penalties. These regulations will affect how businesses use data, and call centers, which handle personal data in vast volumes, will especially be affected by these changes.

Will Cold Calling be permitted?

Fortunately, yes. But in order to cold call, you will likely need to conduct “balancing tests”.

Direct marketing calls will reiterate the regulations that are already in place in the PECR such as following rules regarding TPS, presenting a valid CLI, and the requirement to identify clearly the organisation for which you are making the call.

An organisation must now satisfy requirements to be able to use personal data for business activities. For example, noting down a customer’s phone number in a book to call them later is classed as processing personal data; storing a CV in a filing cabinet is also classed as processing personal data.

Personal data counts as anything that can be used to identify someone, including names, email addresses, home addresses and phone numbers. This means that GDPR has implications for almost all data that is included in everyday operations within a call center.

The six reasons a business can legally use personal data are:

  • If you are given explicit consent to use an individual’s data, you may use it for that purpose.
  • If you are entering into a contract and must use their data to fulfill the contract.
  • If you are legally bound to use an individual’s personal data.
  • If processing is necessary to protect an individual’s vital interests, such as well-being or health.
  • If using the data is vital for carrying out a task to benefit the public interest.
  • You can demonstrate legitimate interests are not overridden by their fundamental freedoms and rights.

Consent is specific to the particular use of an individual’s data. If the way you plan to use the data significantly differs to the use they have consented to, then the consent is void and does not apply to this use. For example, if an individual gives their consent to contact them by e-mail, you cannot call them instead. They must fulfill one of the other five criteria for consent to do so.

How can you Cold Call?

Assuming your data lists contain individuals for whom you do not have explicit consent to call, and the criteria above are not met, how can you legally use their personal data, such as phone number, to make calls?

This is listed in the criteria for GDPR, number 6, which states that “legitimate interests” of your business are not disregarded by the fundamental freedoms and rights or interests of the person you are calling. This comparison of interests is called the “balancing test”, and all employees within a call center environment must become familiar with this before 25th May.

Legitimate Interests Clause

The clause for “legitimate interests” is not an easy or back-door option that allows businesses to apply personal data without further consideration.

The GDPR contains balances and built-in checks to ensure that you have considered your business’ legitimate interests and how you impact each individual concerned if you are relying on this clause. These balances and checks also require documentation as proof that you have completed the necessary steps. There are substantial fines if you do not adequately complete these checks.

Legitimate interest can be defined as the benefit your business is looking to achieve by utilizing the personal data, such as creating employment, generating profit or providing high-quality services and goods. They must comply with the law, generally benefit society and there must be no attempt to deceive or mislead customers.


In cases where both sides of the balancing test are equal, GDPR requires that “safeguards” be provided to minimize the risk when using an individual’s personal data. Some safeguards are optional, whereas some are mandatory, such as:

  • People can opt-out easily from further use of their personal data, ensuring registration with TPS, which means no cold calls are made to these numbers. Third party opt-ins are also no longer valid.
  • Documented, strict limitations are placed on the quantity of data collected and the length of time it is kept, known as data minimization.
  • For example, if you do not need an individual’s date of birth, there is no need to ask for it. If you no longer need details within a database then ensure they are deleted.
  • Data Protection Impact Assessment are conducted regularly.
  • The provision of staff training to ensure that affected team members know how to manage requests for information, correction and deletion of data.
Share this article

Leave a Reply

Your email address will not be published. Required fields are marked *


Meet our wholesale voice routing

Fulfill all your voice calling needs with our category leading wholesale A-Z Voice Termination.
Try IDT Express for a $25 Credit

Get $25 Free Trial Credit

Get IDT Express articles in your inbox

The best source of information in the telecom industry. Join us.

    Most Popular

    |  7 min
    Introduction to Toll-Free Forwarding In today’s fast-paced business landscape where...
    |  7 min
    Introduction to Caller ID Reputation Caller ID reputation is a...
    |  6 min
    The European Union’s General Data Protection Regulation (GDPR) has permanently...