PCI Compliance & GDPR
Clear Connections can provide solutions for your PCI compliance and GDPR needs.
GDPR requires data controllers and data processors (in effect, their IT and network managers) to implement appropriate technical and organisational measures in order to protect the personal data in their custody. This means configuring and operating your network to facilitate data protection, will become imperative for GDPR compliance.
We have embraced the regulations pertinent to business operation including GDPR.
Call Recording
To assist Splicecom customers to meet the new GDPR requirements, Splicecom have refined the process of call recording on certain products; specifically, how call recordings are stored and deleted.
In the Business Management suite, Vision, the following abilities have been added;
- Search for a Contact or Number - see all associated calls and recordings - delete all calls and recordings, or delete recordings, with double delete confirmation i.e. “Are you sure?”.
- Search for a Contact or number - see all associated calls - delete the specific call(s) and recording(s), or recording(s) only, again with a double delete confirmation.
- An Audit trail stating deletion type.
Cloud Services & IP Addressing
We provide a range of virtualised servers, onto which resellers can load our voice products, platforms and applications, in a private cloud environment. Small, medium and large virtual servers are replicated to a secondary source.
Wide Area access to the servers is through Trusted IP Addresses specified by the end-user.
- End User Access/Connectivity
- Configuration/Maintenance
- SIP Trunk Endpoint Termination
PCI
Call recording Mask/Un-Mask feature already meets the current PCI DSS requirement that the sensitive 3-digit Credit Card CVC2/CVV2/CAV2 data must not be stored. Call Masking is invoked automatically, via integration with the application used for entering customer details.
Manual Call Masking via Splicecom devices is also supported.
All data is stored in the EU.