gdpr

XCALLY and GDPR



Since its first projects, Xenialab approach focused towards a strong committment to privacy, transparency and safety in order to guarantee our clients personal data.

This approach implies that the analyses of the overall architecture, as well as of the single components of the solutions, always follow the prerequisite of protecting the data, as now pointed out by the UE in the General Rule on the Protection of the Data (GDPR), that becomes executive on May 25 2018.

To confirm the trust of our clients and our partners, we have updated our analyses and procedures in order to guarantee the conformity of XCALLY Motion with the new UE normative of GDPR.
 


XCALLY Motion is now conforming, and before the expiration date of May 25 2018 will become operational, to the GDPR specification indicated in the normative 2016/679/UE: our dedicated team is working on the actual functionalities and structure of the product in order to find new solutions for the safety and the conformity to the GDPR and supporting our clients with specific applications in their own area of activity.


For this purpose and to guarantee the maximum safety of the product:

  • we execute periodically some specific tests of "intrusion detection" at several levels of complexity
  • we devote the utmost attention to adopting the last version of the software and of the safety patches of all the base components, to the configuration of the system firewalls and to the Asterisk system protections
  • the audio files of calls recordings and all the data files are already encrypted and coded
  • for external functions of reading and feeding we use safe protocols as SSL/TLS
  • the WebRTC technology used for XCALLY Motion already supports safe protocols as WSS and HTTPS
  • for the Phonebar we are working on replacing the use of SIP and RTP protocols with the safer SIPS and SRTP TLS.




From the XCALLY MOTION V2 Version 2.0.52 we provide:

- the Security Suite, that enables a set of rules for Administrators, Agents, Telephones and Users accounts about the password format, reset and expiration after 90 days.

- the Voice Recording Encryption, that protects your recorded calls from unauthorized use or file system breach. The encryption is highly recommended if the stored call recordings contains sensitive or personal data. The encryption is turned off only if the files containing the voice recordings are accessed from the Motion user interface.

We strongly recommend you to enable these features - under the General Settings section - in order to enhance the agent password security and privacy according to the GDPR rules.