Sparkcentral’s Commitment to Privacy and The GDPR

The GDPR (General Data Protection Regulation) is a significant piece of legislation designed to strengthen and unify data protection laws for all individuals within the European Union.

gdpr date

The regulation has become effective and enforceable on the 25th of May, 2018. If you are a company outside the EU, you should still be aware of this. The provisions of the GDPR apply to any organization that processes personal data of individuals in the European Union, including tracking their online activities, regardless of whether the organization has a physical presence in the EU.

Sparkcentral is committed to compliance with the GDPR and met this standard prior to the regulation’s effective date. Furthermore, we see this as an opportunity to improve efficiency in processes relating to data handling and increase transparency on our data practices.

Watch our webinar on GDPR

gdpr overview sparkcentral

The GDPR applies to all companies that process personal data of European Union (EU) residents, no matter the company’s location. The EU has mandated updated overarching privacy and data security standards to protect its residents. This is the first global data protection law set by the EU and means that any company that handles information relating to EU residents will have to comply with the requirements of the GDPR.

Sparkcentral began to dedicate internal resources to the GDPR in early 2017, almost a full year before the deadline. Compliance was achieved well before the May 25th, 2018 deadline. We did this because we value our customers’ (and their customers’) rights to privacy. We want to help you focus on serving your customers, instead of navigating regulations, so we’re ensuring our platform will be GDPR compliant. Our clients are all around the world, and compliance with and to international law and regulations are of paramount importance to us.

Sparkcentral took steps across the company to ensure our readiness for the GDPR. We improved processes within the organization and our platform. We also worked on interfaces that allow you to address requests from your customers related to their rights for removing any personal data that might be stored in your Sparkcentral account.

Work with an EU-based GDPR-specialized firm to assess our platform and internal processes, and identify areas impacted by GDPR.

Prioritize and integrate GDPR requirements with our security, compliance, and privacy-by-design programs.

Sign Data Protection Agreements with any third party provider to our platform, and create a customer-facing Data Protection Agreement.

Highlight product features to improve and streamline access for GDPR-related customer requests.

Engage with a third-party dispute resolution provider.

Register with the Privacy Shield program.

Achieve GDPR compliance.

As a Sparkcentral customer, you can always request additional information on GDPR and Privacy related information and features from your Client Partner or Account Director, or you may contact us at

The General Data Protection Act (GDPR) is the most significant piece of European data protection legislation to be introduced in the European Union (EU) in 20 years and will replace the the 1995 Data Protection Directive. Fun fact: as a regulation, the GDPR is mandatory, while the directive it replaces was a legislative act that established a common goal across all EU countries. Here’s a link to ICO’s official guide to GDPR.

The GDPR regulates the processing of personal data about individuals in the European Union including its collection, storage, transfer or use. The concept of “personal data” is very broad under the GDPR and covers any information relating to an identified or identifiable individual (also called a “data subject”). Basically, think of this as any piece of information you could use to determine who a person is and the information associated with their unique identity. Since you could identify someone by their photo, email address, social media posts, the handling of this information is covered by the GDPR.

This regulation gives data subjects more rights and control over their data by regulating how companies handle and store the personal data they collect. The results of being in breach of the GDPR are increasingly significant and may be enforced with heavy fines. Ultimately, the GDPR improves EU individuals’ privacy rights and significantly increases obligations on organizations handling data owned by EU subjects.

Key changes that are
coming into effect with the GDPR

Expanded rights for and protection of individuals
The GDPR provides expanded rights for individuals in the European Union by granting them, amongst other things, the right to be forgotten and the right to request a copy of any personal data stored in their regard.

New compliance obligations
The GDPR requires organizations to implement appropriate policies and security protocols, conduct privacy impact assessments, keep detailed records on data activities and enter into written agreements with vendors.

Increased data breach notification and security
The GDPR requires organizations to report certain data breaches to data protection authorities, and under certain circumstances, to the affected data subjects. The GDPR also places additional security requirements on organizations.

Updated requirements for profiling and monitoring
The GDPR places additional obligations on organizations engaged in profiling or monitoring behavior of EU individuals. These are necessary to ensure data governance with reporting, record keeping, and transparency in mind.

Improved Enforcement
Under the GDPR, authorities can fine organizations up to €20 million or 4% of a company’s annual global revenue, based on the seriousness of the breach and damages incurred. The GDPR is meant to both provide control to individuals and ensure lawful processing. Also, the GDPR provides a central point of enforcement for organizations with operations in multiple EU member states by requiring companies to work with a lead supervisory authority for cross-border data protection issues.

If you have any questions, please don’t hesitate to contact us at