The Importance of GDPR Compliance (for EU Involved Clients)

The Importance of GDPR Compliance (for EU Involved Clients)

Considering outsourcing? If your business stores or processes personal information about EU citizens within EU states, even if you do not have a business presence within the EU, you need a BPO who is GDPR certified.

Is Smiles On Demand GDPR Certified?

Yes. We became GDPR certified back in November 2020.

Many large companies require it of their call centre providers to ensure their customer’s data is handled properly.

What Is GDPR & What Is It Intended For?

GDPR put simply, is a regulation that requires businesses to protect the personal data and privacy of EU citizens.

With more and more people making transactions online, and over the phone, the misuse of data is becoming an increasingly big problem.

I’m sure you’ve experienced it yourself when you’ve been cold-called and wondered “how the hell did you get my number”?

Mishandled data can have serious consequences such as identity fraud, lost security information, and lost banking and financial data.

The legislation applies to data transactions made within all 28 EU member states.

Why Does GDPR Exist?

The short answer to that question is public concern over privacy

According to the RSA Data Privacy & Security Report, for which RSA surveyed 7,500 consumers in France, Germany, Italy, the UK and the U.S., 80% of consumers said lost banking and financial data is a top concern.

Lost security information (e.g., passwords) and identity information (e.g., passports or driving license) was cited as a concern of 76% of the respondents.


An alarming statistic for companies that deal with consumer data is the 62% of the respondents to the RSA report who say they would blame the company for their lost data in the event of a breach, not the hacker.

The report’s authors concluded that “As consumers become better informed, they expect more transparency and responsiveness from the stewards of their data.”

How Do The New EU Rules Impact My Business?

The most obvious impact is that failing to comply can cost businesses dearly.

The fines are significant and subject to increase.

Hefty Fines

The EU GDPR sets a maximum fine of €20 million (about £18 million) or 4% of annual global turnover – whichever is greater – for infringements.

Therefore it is crucial that companies entrust their business processing outsourcing tasks to certified teams only to avoid financial ruin.

At Smiles On Demand, your business is our business and we take our commitment to act on behalf of you, seriously.

Having the Right Systems & Processes in Place

Secondly, the strict GDPR rules mean companies will need the same level of protection for things like an individual’s IP address or cookie data as they do for name, address and Social Security number.


The legislation outlines that will need to protect data such as:

  • Basic identity information such as name, address and ID numbers
  • Web data such as location, IP address, cookie data and RFID tags
  • Health and genetic data
  • Biometric data
  • Racial or ethnic data
  • Political opinions
  • Sexual orientation

At Smiles On Demand, we are well-prepared and well-versed in all of strcit GDPR laws.

We worry about it, so you don’t have to.

Eradicating the risk of any breaches that may also compromise individuals or clients confidentiality is one of our utmost priority, along with providing world-class service in all that we do.

Consumer Trust

The RSA report also shows that consumers will not easily forgive a company once a breach exposing their personal data occurs.

Seventy-two percent of US respondents said they would boycott a company that appeared to disregard the protection of their data.

healthcare BPO

Fifty per cent of all respondents said they would be more likely to shop at a company that could prove it takes data protection seriously.

“As businesses continue their digital transformations, making greater use of digital assets, services, and big data, they must also be accountable for monitoring and protecting that data daily,” concluded the report.

Industries Most Affected

A new survey conducted by Propeller Insights and sponsored by Netsparker Ltd. asked executives which industries would be most affected by GDPR.

Most (53%) saw the technology sector being most impacted followed by online retailers (45%), software companies (44%), financial services (37%), online services/SaaS (34%), and retail/consumer packaged goods (33%).

How Does The GDPR Affect Third-Party and Customer Contracts?

The GDPR places equal liability on data controllers (the organization that owns the data) and data processors (outside organizations that help manage that data).

A third-party processor not in compliance means your organization is not in compliance.


The new regulation also has strict rules for reporting breaches that everyone in the chain must be able to comply with.

Organisations must also inform customers of their rights under GDPR.

Got A Question?

We understand that trusting aspects of your businesses processes to a third-party might feel daunting at first.

At Smiles, we’re here to help!

You can set up a call with our CEO Graham Innes on our home page today to better understand how we work and what we offer.

We combine the best of offshore talent with expert oversight and management.

Plus, we are GDPR ready!

At Smiles we’re committed to protecting your data, enhancing your companies reputation, and improving efficiency.

Simplifying support and spreading smiles is what we do best.

If you have any questions for us whatsoever feel to leave them down in the comments section below, we’ll be here to answer them.

Additional Resources You May Find Useful

At Smiles, we’re dedicated to bringing our clients and reader regular, up-to-date information on all things outsourcing.

Not sure where to start?

Here some of our recent articles you may find useful.

  1. BPO Trends in 2021
  2. Why Outsource to The Philippines?
  3. The Ultimate Guide to Outsourcing Tasks for Startups