The legality around recording phone calls hasn't always been clear, with many businesses making you aware if your impending call will be recorded, but what about when you're wanting to record a call from a doctor or a business? Read this guide to learn about the ins and outs of phone recording.
Is it legal to record phone calls in the UK?
According to the Regulation of Investigatory Powers Act 2000, it is completely legal to record a phone call without telling someone, but there is a caveat when it comes to sharing that recording. If you record a phone call and use it for your own personal use, then it is perfectly legal, but if you share the recording to a 3rd party, without the caller's consent, you will be breaking the law.
If you are operating under a business, or need to share the call with a 3rd party, we suggest that you obtain the caller's consent before recording. Businesses typically use a voice note at the start of the call that explains every call is recorded, and can be used internally.
Do you need to ask for consent to record a call?
Even though it isn't strictly illegal to record a phone call, asking for consent beforehand is always a smart way of gaining additional rights to the call itself. If businesses are planning on recording phone calls, they will need to ask for consent before recording the call.
Are all phone calls recorded?
No, not all phone calls that you have will instantly be recorded. Phone companies may be obligated to store information about your calls for up to a year, in case of any issues that may arise, or if the government makes any requests, but typically phone calls will not be recorded.
As you may have already experienced, businesses will sometimes tell you when a phone call is about to be recorded, with the reasoning for doing so.
They do this because, under the European GDPR rules, businesses must have a valid reason to store personal data, and most customer service phone lines will record phone calls for training and quality assurance purposes.
What does GDPR have to say about recording calls?
When GDPR came into effect in 2016, the call recording landscape changed significantly. The General Data Protection Regulation (GDPR) gave more laws and rights to how the average individual's data was processed and stored by businesses.
This meant that more care and protection was needed when collecting people's data. If the proper care and security was not used when housing data, companies and individuals could face large fines and jail time.
When it comes to recording calls, GDPR has stringent rules around businesses recording their customers. GDPR states that businesses must get consent to record calls and explain why the recording will be taking place.
The retention period for business phone recordings in the UK depends on your industry and specific needs, with the Financial Conduct Authority (FCA) requiring a minimum of 12 months in the financial services sector, and other businesses should retain recordings only as long as necessary and dispose of them securely.
What is GDPR?
As we have touched upon above, GDPR is a privacy and security act that is currently being used around the world.
Created by the EU, GDPR focuses on the protection of individuals whose data is collected by businesses and organisations. This act comes with large fines and potential jail time for organisations that do not comply with its detailed and meticulous rules and regulations.
It has 7 data protection principles that every organisation must follow, these are listed below.
Lawfulness, fairness and transparency
A large pillar of the GDPR regulation is the processing of personal data with fairness and transparency. All data correlated and collected must be done within the law and you must gain consent about all the data you are collecting. If data is collected using unlawful means, you will be in breach of the GDPR regulations.
Purpose limitation
Purpose limitation stands for the actual reason for storing data. Without proper need or requirement of said data, you do not have the right to hold it. An example of this would be a business recording and storing a customer's location data when they aren't planning on using it for any marketing purposes.
Data minimization
As a business, you should also keep your data collecting to a minimum. Overextending on the data that you collect from your users and customers is against GDPR's data protection principles, so only collect what your organisation needs.
Accuracy
When storing customer data, it is also important to ensure that it is accurate and up-to-date. Ensuring that addresses, phone numbers and email addresses are all current and accurate for your customers can be an imperative to holding onto their custom for long periods of time.
Storage limitation
Businesses are also limited in the duration that they can hold data for. If a customer orders from a business and does not order again. The business does not have the right to keep their information and data indefinitely. GDPR rules states that after 12 months of no interactions from customers, data should be removed confidentially.
Integrity and confidentiality
When a business processes and holds data, it has to be done with an appropriate level of security and integrity. Using high-level encryptions, complex passwords and leaving paper documents locked away are great steps in keeping data safe.
If there is a data leak within a business, it is imperative that they let their afflicted customers know, so they can make positive changes to avoid further stress.
Accountability
Lastly, all businesses should be accountable for how they control data. They are responsible for being GDPR compliant and will face the consequences if they do not follow protocol.
Transitioning from a single business phone number to a fully integrated phone system was a significant step, and Virtual Landline made the process seamless. Their platform offers a robust set of features—call routing, voicemail-to-email, multi-user support, and more—that were clearly explained and easy to implement. The onboarding process was smooth, and within just a few days, we began seeing improved efficiency and communication across the team. For any business seeking a scalable, cloud-based phone solution, Virtual Landline is a solid choice.
Kieran handled our recent transition to the new Virtual Landline call management system. The migration process of our business VoIP was smooth, and the onboarding video call to explain the system’s features and benefits was clear and informative. For anyone considering Virtual Landline as their VOIP service provider, rest assured—you’re making a reliable choice.
Virtual Landline made the setup process refreshingly simple. Their range of plans offers excellent flexibility and affordability, making it easy to find the right fit for your needs. What really stands out is the scalability of the service—it's reassuring to know that as my business grows, Virtual Landline has the features and support in place to grow alongside it. A smart choice for any business looking for reliable VOIP solutions.
Great to speak to a UK based call centre on the phone, Dan couldn't have been more helpful and friendly! Everything was explained clearly, and the switch over to Virtual Landline from my old copper landline went really smoothly. It did exactly what it promised. Really happy with how easy it all was.