Can we record calls under GDPR and how do we handle consent?
Recording is allowed if there is a legal basis and the caller knows. A pre-call notice at the start is the practical standard, plus a retention period.
Try this first
- 1Document the purpose (quality, training, dispute resolution), not 'just in case'.
- 2Add a welcome message: 'this call is recorded for X', with opt-out via a key if possible.
- 3Set retention, for example 30 or 90 days, and clean up automatically.
- 4Update the processing register and privacy statement.
When to bring us in
Recordings contain payment or medical data: separate encryption and strict access policy, otherwise you have a GDPR incident on a breach.
See also
- Voys, BelXS or RoutIT, which cloud PBX fits?Three popular NL platforms, differences are admin UI, partner model and per-user price.
- Teams Phone: Calling Plan, Direct Routing or Operator Connect?Three ways to connect PSTN to Teams, cost and management differ a lot.
- 3CX: self-host on VPS or take 3CX cloud?Self-host saves licence, but you own SBC, backup and updates.
None of the above fits?
Describe your situation below. We pass your input plus the steps you already saw to our AI and return tailored next-step advice. If it's too risky to DIY, we'll say so.
Or skip the DIY entirely
Our Managed IT clients do not look these things up. One point of contact, a fixed monthly price, resolved within working hours.