FAQ

GDPR/Data Protection and Information Security

How do you work with personally identifiable data?

As a telemarketing agency, we work on our own behalf and on behalf of various clients, contacting existing and prospective B2B and B2C customers using the phone and other channels. As this involves the processing of personally identifiable data, it is vital that we comply with the GDPR, and are committed to the secure and compliant handling of all data held and processed by the company.

The Telemarketing Company is registered with the ICO – registration number Z5198027

What legal basis do you use for processing personally identifiable data under GDPR?

GDPR regulations set out six lawful bases under which a business can use personal data legally as part of their business activities. At least one of these must apply whenever you process personal data. The lawful basis we use for this processing is "Legitimate Interest" in accordance with recital 47 of the GDPR.

The ICO recommend that companies using this basis conduct a "Legitimate Interests Assessment" (LIA) and we have done this. The Telemarketing Company complies in full with the TPS/CTPS to prevent unwanted sales and marketing calls and maintains its own company “Do not Call list” in line with Ofcom regulations.

Is cold calling still possible under GDPR?

Yes, it is. GDPR legislation does allow businesses to cold call but ensures it is done in a responsible way, only where there is a ‘Legitimate interest’ to do so, and where the interests, rights and freedoms of the individual are protected.

Under GDPR, organisations are entitled to process personal data to carry out their usual business activities and this can include direct marketing. In the context of cold calling, this means considering the rights of the individual not to have their privacy invaded by unsolicited calls.

Read more on cold calling and legitimate interest

What processes do you apply to protect the rights of individuals?

As part of our best practice framework and GDPR compliance, we have processes in place to avoid any negative impact on call recipients including:

  • TPS/CTPS screening as standard, in addition to our own ‘Do not call’ list.
  • Mechanisms that allow individuals to easily exercise their “Individual Rights” under GDPR including their ‘right to object’, their ‘right to be forgotten’, their ‘right to rectification’ and/ or submit a Data Subject Access Request.
  • Clear privacy, data protection and information security policies that explain how we use and protect the data we process.
  • Robust quality assurance and data management processes.
  • Technologies that protect the individual’s data such as call obfuscation to protect sensitive payment details, encrypted call recordings, data transfer via secure FTP.
  • Systems that manage how many times a number is called.
  • Strict policies and in-depth training for all staff on data protection and GDPR.
  • Easy access to call histories and number look-ups so callers know and can explain exactly where the data they are calling came from.
  • Rigorous training and ongoing coaching around calling ‘best practice’ such as:
    • Callers should state who they are and why they are calling at the start of a call.
    • If the prospect is not interested, their wishes must always be respected.
    • Listen and understand – do not ‘hard’ sell. Callers should listen to the prospect and provide relevant information, tailored to their interests and pain points.

Where does the data come from?

The data we process is obtained from several sources. These include information requests via our website or other channels, our clients, GDPR compliant data providers and online resources in the public domain.

More on data sourcing

Where is data stored and processed?

All data is securely stored and processed within the EU. As Data processor, we undertake to keep all personal data confidential and secure when performing any processing activity.

We guarantee compliance with adequate technical and organisational security measures necessary to properly protect and secure the personal data collected, processed and used.

Who is data shared with?

Personally identifiable data is never shared with any third party other than the client we are working on behalf of. We never resell or share this data to any other party other than in the circumstances below:

  • In the event that we sell any or all of our business to the buyer.
  • Where we are legally required by law to disclose your personal information.
  • To further fraud protection and reduce the risk of fraud.

How do you ensure data isn't corrupted, lost or stolen?

The Telemarketing Company holds the ISO 27001 Information Security Management accreditation. ISO 27001 certifies that a business has a systematic and ongoing approach to managing information security risks that affect the confidentiality, integrity, and availability of company and customer information.

This accreditation gives clients robust assurance that security controls are in place to protect their sensitive information and data from being accessed, corrupted, lost or stolen. It means we are fully compliant with the highest internationally recognised standards of information security and maintain best practice as part of an ongoing process of continuous investment, review and regular external audit.

For copies of our Data Protection, Information Security and related policies, please get in touch.

Useful resources

 

 

Related articles

Our full range of telephone services

Data Services

Flexible Data Services

Data Cleansing
Data Cleansing
Clean, up-to-date data delivers better quality leads and boosts sales
Read more
Data Enrichment
Data Enrichment
Data enrichment helps you better connect with your target audience and delivers actionable insights, improved conversion
Read more
Email Opt-ins: GDPR
Email Opt-ins: GDPR
Do you have a clean, compliant, opted-in database?
Read more

Pre Sales Research

Drive your sales strategy with telephone interviewing

Pre Sales Research
Pre Sales Research
Arm your sales and marketing teams with clear customer intelligence and actionable insight.
Read more

Telemarketing

Telemarketing that’s personal, agile, smart and insightful.

Lead Generation
Lead Generation
A steady stream of qualified buyers
Read more
Call Handling
Call Handling
We can provide your customers with an expert, personalised service - making every interaction count
Read more
Appointment Setting
Appointment Setting
Successful appointment setting requires meaningful human interaction with senior decision makers
Read more
Lead Management
Lead Management
Improve lead flow and quality - turn inbound leads into sales
Read more
Event Marketing
Event Marketing
Engage high value attendees and drive registrations
Read more
Lead Qualification / Nurture
Lead Qualification / Nurture
Move leads through the funnel more strategically with our expert lead qualification and lead nurturing services
Read more

Sales

High-performance Telesales

Telesales / Inside Sales
Telesales / Inside Sales
Flexible, high performance transactional telesales and complex inside sales services.
Read more
Account Based Marketing
Account Based Marketing
Increase profitability, reverse churn and increase customer lifetime value.
Read more

Post Sales Research

Strengthen customer relationships

Welcome Calls
Welcome Calls
A welcome call is an opportunity to reach out to new customers and reduce customer churn, as part of an effective customer management strategy.
Read more
Customer Satisfaction
Customer Satisfaction
Gain a more nuanced view of your customers’ experiences through phone-based surveys.
Read more
Treating Customers Fairly / Compliance
Treating Customers Fairly / Compliance
An FCA authorised and regulated business, our expert team can help you meet your TCF compliance needs.
Read more