When we work with your company’s potential customers, data security must be of the highest standard. Whether we are identifying new leads for you or working with your existing customer database, we carry a great responsibility to ensure that data is not compromised or falls into the wrong hands. You and your customers must be able to trust that all data is safe and protected.
We naturally comply with the European General Data Protection Regulation (GDPR), which is a legal requirement, and we follow the Danish Data Protection Agency’s Guidelines on Direct Marketing. We have strict internal rules and procedures in place to ensure that personal and customer data is handled correctly and securely. Our employees receive ongoing training, and we are audited annually by an external auditor.
Optional: But we go even further — we have integrated the principles of the ISO/IEC 27701 standard specifically adapted for telemarketing.
The security of your data is our priority!
ISO/IEC 27701 for Telemarketing
- Data handling procedures: The standard requires strict procedures for handling personal data — crucial in telemarketing, where large amounts of personal information are processed. This includes defining how data is collected, used, shared, and ultimately deleted.
- Consent and transparency: The standard establishes a framework for managing data in line with customer expectations and legal requirements, which is essential for building and maintaining trust in a direct sales context.
- Privacy risk management: By extending the information security principles of ISO/IEC 27001, the 27701 standard helps telemarketing companies systematically manage privacy risks, including those related to emerging technologies such as AI.
- Documentation and accountability: The standard requires that all policies, procedures, and work instructions are documented, approved, and maintained — ensuring clear accountability in the execution of telemarketing activities.
- Access control: The standard requires organizations to define strict user roles and enforce strong passwords for all personnel who process or control privacy-related data, limiting access to sensitive information.
- (Optional to omit initially) Regulatory compliance: Implementing a PIMS (Personal Information Management System) demonstrates the company’s commitment to data protection. This can be a requirement in client procurement agreements and helps the organization prove its compliance with data protection regulations.
