Remote Support and GDPR

Remote Support Software and GDPR

Due to the way in which the GDPR defines the ‘processing’ of data, anything displayed on screen during a remote support session undertaken by one of our technicians is deemed to have been ‘processed’ by us. As the definition of ‘personal’ data is also very broad, our technicians may be exposed to ‘personal' data of some sort during remote support sessions.

We use TeamViewer in order to assist our customers via remote support. TeamViewer is a secure platform, and have taken steps to ensure GDPR compliance. You can read Teamviewer's own statement on GDPR  here, and their privacy policy here.

In this article

Under what circumstances do we use Remote Support?

Remote support sessions are undertaken following a request for support from a customer. Customers may request support for a number of reasons, including (but not limited to):

  1. Assistance or advice on best practice or usage of the System
  2. Training or advice on a specific feature of the System
  3. Rectifying an error in usage of the System
  4. Rectifying a bug or fault in the System
  5. Adapting the system to a change in IT setup within the organisation
In all cases our support technicians assess the issue and determine how it should be resolved.  Often queries can be dealt with via email or phonecall, but sometimes a remote support session may be necessary. When determining whether a remote support call is necessary our support technicians will balance the viability of alternative options, the privacy rights of the customer, and our commitment to good service (including the swift resolution of issues), and make a decision in the best interests of the customer.

Examples of when a remote support session may be necessary include (but aren’t limited to):

  1. A new user requires visual demonstration of a software feature or process
  2. An existing user cannot clearly articulate the issue they are experiencing, necessitating further investigation
  3. A bug or fault in the software requires detailed investigation

The proposed use of remote support software is then clearly explained to the customer, undertaken only with their consent, and always conducted in such a way as would be reasonably expected.

 How do we ensure GDPR Compliance when providing Remote Support?

We've implemented the following policies in order to ensure compliance with the GDPR:

  1. Remote support sessions are never stored or archived
  2. Remote support session are only undertaken under the direction of the customer and with their consent.
  3. In line with the practice of data minimisation, our technicians will advise the customer to close all non-relevant windows and programs before connecting and will only access areas of the customer’s system immediately pertinent to the support issue at hand
  4. Notes maintained in our CRM software contain only information pertinent to the support issue at hand, namely:

    1. The initials of the support technician who performed the remote support session
    2. The customer they spoke to
    3. The support issue that necessitated the remote session
    4. The steps taken to remedy the support issue
    5. The conclusion of the remote support session
  5. Any data (client databases, clocking files, fingerprint templates)  obtained by us during the course of a remote support session are deleted by us on conclusion of the support issue. We will only ever collect data directly relevant to the issue at hand.
  6. Customers can end the remote support session at any time.
If customers do not wish to enter into a remote support session we will endeavour to explore all possible alternatives, but this may affect our ability to effectively resolve the issue. 

Back to the GDPR Key Facts page

Still need help? Contact Us Contact Us