When using third-party services for call recording and transcription, it is essential to follow best practices to ensure compliance, data security, and an optimal customer experience.
Our blog post covers some of these ideas.
There are a few things you can do when using a 3rd-party provider:
Privacy Policies
A privacy policy available to users provides a detailed outline of how recordings and transcriptions are handled. Depending on local laws, it may also be a requirement by law.
Any privacy policy should be easily identifiable and/or searchable and openly available on your website.
A couple of other things to consider in a privacy policy:
Make it clear in the policy that 3rd party providers (vendors) are used for customer service, such as Dialpad.
Include Dialpad in a list of sub-processors. Describe Dialpad’s processing activity as “Telephony” or “Telephony, messaging, and AI-enhanced customer experience management.”
Callout Vendors
Explicitly naming the vendors used for recordings/transcriptions, such as Dialpad, is good practice. This creates transparency about which vendors are used and what they do. When using Dialpad, the following language can be used as a guide to explain the use of the Dialpad service:
“Dialpad is an AI-powered communications platform that connects companies to their customers via phone, video, and messaging. It supports these conversations through call recording, transcription, and AI-enhanced customer experience management. Recordings and transcriptions are collected based on consent. Dialpad uses customer interactions with its product to improve its AI services and offerings to its customers. Dialpad’s Privacy Policy covers such use.”
Note
If the 3rd-party vendor has a privacy policy, link to it in your own policy.
Mandatory Acceptance of Privacy Policy
To ensure compliance, make the acceptance of your policy required when visiting the website. This can be done using a banner or a pop-up window.
Similar to cookie banners used for the European Union (EU) and the state of California, this optional and relatively heavyweight consent mechanism ensures that visitors can’t claim they didn’t notice or agree to a privacy policy containing some risk mitigation elements.
Using the interactive voice response (IVR) feature to explain that calls are subject to the Privacy Policy can also help ensure that customers know the policy.
Tip
Custom IVRs can be set up from within the Dialpad app.
Up-to-Date Recordings
Make sure your recording notice is up to date. Instead of the standard “This call is being recorded,” adding a reference to a 3rd party and its continuous improvement of AI services can add additional protection.
Note
Dialpad includes a default greeting that addresses these points.
If you prefer to record your own custom, branded recording notification, here is a good example script to get you started:
“Your call may be recorded or transcribed [by us] and our service providers for system and quality training."
How to Avoid Potential Issues
Here are some things to consider to avoid potential issues:
Review legal and privacy policies
Read the third-party provider's terms of service and privacy policy to ensure they align with your company's data retention and privacy standards.
Address accuracy problems
If you encounter issues with transcription accuracy, review best practices for improving audio quality. Some services also allow you to create a "company dictionary" to enhance the recognition of industry-specific terms and jargon.
Manage data storage
Be mindful of data storage and retention. To minimize risk and comply with data minimization principles, regularly delete data when it's no longer needed. Some services offer customizable data retention policies to automate this process.
Consider a unified solution
While third-party services can be powerful, a unified communications platform with built-in transcription and recording features, like Dialpad, can simplify your workflow, eliminate the need for extra integrations, and ensure consistent compliance across your entire organization.