How to comply with the GDPR and the ODPL in a call center? The year 2022 will undoubtedly be a year full of great challenges for data protection and privacy. Taking into account the digital transformation in which we are fully immersed, with Big Data as the protagonist, data security and the processing of personal data of natural persons must be a priority for companies. Much more so when we talk about the call center and contact center sector, bearing in mind that a call center offers services and products and provides customer service.
For this reason, today we want to talk about two very important concepts: the ODPL (Organic Data Protection Law) and the GDPR (and the General Data Protection Regulation) and how to comply with them in a call center. Do you want to know more? Keep reading!
Why is it important to comply with the ODPL and the GDPR?
The aforementioned digital transformation, so positive for companies, means that they have a very high volume of information and data on workers, suppliers or customers.
Some data that must be protected and, especially now, obtained after the users’ written consent to avoid sanctions. In fact, in case of breaching the ODPL and the GDPR, sanctions ranging from 600 to 600,000 euros may occur.
What are the differences between GDPR and ODPL?
Although it is essential to be clear about both concepts as a company responsible for the processing of user data, there are differences between the GDPR and the ODLP.
As you know, on May 25th, 2016, the General Data Protection Regulation (GDPR) came into force, whose application began on May 25th, 2018.
Both the ODLP and the GDPR were created with one objective: to establish the correct balance between the free circulation of data within the European Union and the protection of the private life of citizens.
- One of the differences lies precisely here, in the scope of application: while the ODLP was only applied in Spain, the European Data Protection Regulation (GDPR) is applicable throughout the world. Of course, as long as the data that is protected belongs to people residing in the European Union.
- Another difference, perhaps one of the biggest, has to do with consent: while the ODLP considers it as tacit consent, the GDPR specifies that this consent must be “explicit and unequivocal”.
In Spain we have a national and autonomous body that acts as a “control authority” and ensures the aforementioned data protection: the Spanish Data Protection Agency.
GDPR: how can call centers turn it into a competitive advantage?
In this sense, since 2018 until now, Call Centers have had to adapt to the new regulations for different reasons:
- Correctly manage (especially at the legal level) the company’s data
- Correct treatment of the data of the customer, offering full guarantees that their data is safe. A compelling reason when losing or recovering lost customers in a contact center
Thus, in a sector where immediacy is one of the bases and where the barriers between the digital and the physical (phygital era) are less and less, ensuring that there are no security breaches and finding the balance between speed/effectiveness and security becomes quite a challenge.
A challenge to which call centers can react in two ways: with fear and uncertainty or, on the contrary, with initiative, seeing it as a possible competitive advantage. There is a clear reason: those who offer guarantees on security issues have a long way to go. A contact center software capable of identifying and eliminating vulnerabilities, managing policies and permissions or capturing, encrypting and storing data securely is often a very important key.
At ICR we prioritize your security: discover how with our call center software
At ICR Evolution we consider the security of your call center to be very important. For this reason, our software EVOLUTION supports a series of standards and protocols with one objective: data protection.
Request a demo of our call center software EVOLUTION and find out how we can help you with the security of your customers and the processing of their data.