Skip to content
  • There are no suggestions because the search field is empty.

Data protection / security for telephone calls and live chats

BACKGROUND Due to Data Protection, it is imperative that we do not release personal information over the telephone or on live chat about our customers to anyone other than the customer on eFiling, except in exceptional circumstances. You must ask three security questions on every call or live chat with existing customers, to release personal identifiable information about someone in the company, or to make any changes to a company or customer profile. Please ensure you ask three security questions from the following list (depending on who you are speaking to): Confirmation of the customer or majority shareholder date of birth Confirmation of the customer or majority shareholder residential address including postcode At least one of the personal authentication questions Customer’s last transaction (product purchased and month of purchase) Last 4 digits of the card on file (customer only) Confirm the email address we have on file (customer only) Please note the following points: If the caller / live chatter is unable to give you three correct answers to your three initial security questions, please ask them further questions until they give you three correct answers. In total, to pass our data security procedures, the customer must provide you with three correct answers. Please ensure that if the caller/live chatter volunteers’ personal information up front i.e. they call in and state their date of birth, you must not count this as a security question, you must ask three separate questions. Please ensure that you do NOT ask for the full name as a security question, as this can easily be obtained and is not classified as a valid data protection question. If the customer is unable to pass security, please use the following template: EMAIL TEMPLATE IF SOMEONE FAILS SECURITY “Dear [Caller/Live chatter Name]. Unfortunately, you’ve been unable to pass our security procedures and as a result, in order to comply with GDPR and Data Protection regulations, I am not authorised to speak with you about this customer’s account. I apologise for any inconvenience caused and I encourage you to call us back when you have the correct information and we will be happy to speak with you once you are able to pass our security procedures. Are there any general queries I can assist you with? “ WHEN CAN I RELEASE INFORMATION TO A MAJORITY SHAREHOLDER / DIRECTOR? You should only talk to a majority shareholder or a director of the company, once you have established that the customer is uncontactable, and attempts have been made to contact them without success, and where that person (i.e. the majority shareholder or director) has passed our security procedures. WHAT OTHER SOLUTIONS ARE THERE? If the person wants to query a payment or make a change to the company, you should ask them to get the customer to contact us. If the person wants information on eFiling, you should ask them to ask the customer for access to their Online Company Manager, where the information can be found without needing to pass our security questions. CUSTOMERS WITH ACCOUNT MANAGERS Some customers may have multiple people who can access and deal with the customer account. Typically these are customers with a large volume of companies/services and an account manager (Dan, James or Amelia). In these instances, the call should be forwarded to Dan so she can run through additional security questions for people who are authorised to deal with the account. In order to ascertain whether they have an account manager, please do the following: Ask the customer whether they have an account manager. Check to see how many companies/services they have on the account. (If they have a large number then they probably have an account manager). Check the notes on the customer page where it will say if they have an account manager.