Customer Service Obligations under the RGPD



⏱️Tiempo de lectura: 3 minutos, 8 segundos

Customer service RGPD:Do you know what are the obligations of customer service companies in relation to the RGPD? 🥇 Below we inform you of everything related to the data protection of your customers and workers so that you can comply with the law 100%.Attention!.

Companies that have a Customer Service Center (CAU) or a Customer Care Service (SAC) must comply with a series of obligations established in the LOPD (Organic Law on Data Protection) and in the RGPD (General Data Protection Regulation).

These obligations are related to the data protection of the users they serve. Their main purpose is to guarantee users the protection of their personal data.

We will begin by explaining what a user service center and a customer service center are for a better understanding of the obligations they must fulfill.

User service center.

“It is the tool that allows companies to have a communication channel between users and agents to resolve incidents occurring in incoming calls, allowing consultation and follow-up.”

Customer service.

“It is an administrative area in charge of integrating information and managing the procedures requested by customers in a single area, for better identification and accessibility.”

Just as incoming and outgoing calls are important in a call center, so are they when it comes to customer care, but, in this case, the security of data protection of incoming user calls is more important.

Therefore, we will focus on explaining what are the obligations of companies that have a customer service regarding the data protection of callers.

If you are interested in knowing what are the obligations that a call center has in terms of data protection, we also have it at your disposal. Or, perhaps, you already have a CAU or a SAC and you want to know how to manage it with a simple manual.

 

Why is it important to comply with the RGPD in customer service?

As we are dealing with personal data of each of the users served by a customer service, the information provided by the customers must be treated appropriately.

As these data do not belong to the company, but to the user, the LOPD and the RGPD have established some basic rights for the owner of the data, which are: access rights, ratification rights, cancellation rights and opposition rights.

These rights are known as ARCO rights and are complemented by the user’s rights under the RGPD. Compliance with this data protection law in a SAC or a CAU avoids economic and/or disciplinary sanctions by the user towards the company.

Thanks to these obligations on the part of companies or public and/or private administrations, users have control of their personal data.

In addition, all users have the right to have all their information recorded in a safe place, in a technical support center or in writing, and must be duly informed at all times about:

  • Existence of these files
  • Purpose of the same
  • Possible recipients of the information
  • Identity and address of the person responsible for its maintenance
  • Possibility of the exercise of your rights

 

What needs to be done to comply with the LOPD and the RGPD in customer service?

User data can be collected in different ways: by telephone, in writing, in person or telematically, and all of them are equally valid. Let us remember that the new RGPD does NOT accept as valid the tacit or implied consent of users to process their personal data.

Therefore, their consent to share their data must be clearly stated. With the new data protection law, consent must be unambiguous and explicit, and the information must be written in a concise, transparent, intelligible and easily accessible way for users.

For this reason, it is important that all companies that have a customer service department inform each and every one of their customers at the beginning of incoming calls that conversations are being recorded for greater security and data protection.

This notification for the customer’s consent is done automatically by the support center, which is also responsible for storage and management. The customer has access to the recording on request thanks to the ARCO right.

 

rgpd customer service

 

What are the obligations of a call center with data protection? 

These collections of user data must be available to the data subject at all times. Gesditel’s solution with the RGPD and the LOPD allows managing the personal data collected in a very simple way for an optimal management of them and a better access before possible requests for modification, deletion, … by the user.

In addition, it allows data controllers to verify, in a very simple way, the contracts that are made to corroborate that they have the necessary consent. In the case of not having such consent, the user must be requested immediately. This can be total or partial, for example:

  • Full consent: the user gives his consent to the processing of his data and the sending of commercial communications
  • Partial consent: the user consents to the processing of his data and does not want commercial communications to be sent to him.

It is therefore important for companies to have a computer system that allows them to manage personal data collected through writings or incoming calls and easily find them at the desired time to make them available to the user.

We have a telemarketing software that allows the customer service to perform all the necessary functions to comply with the treatment of data protection established by the LOPD and the RGPD.

Perhaps you are interested in having in your business a telephone support center adapted to the needs of your company and that complies with the obligations established by the new data protection law.

If, on the other hand, you already have a customer support center and want to improve it and adapt it to the regulations, do not hesitate to contact us, we will be happy to assist you without obligation.

We hope that this article has been of great use to you and that your support center complies with the obligations established by the state in terms of data protection.

(Votos: 1 )