Skip to content

Setting Up Call Recording and Staying Compliant

Why Record Business Calls?

Call recording is one of the most requested features on hosted VoIP systems. Businesses record calls for a variety of reasons — training and quality assurance, dispute resolution, regulatory compliance, and capturing important details from customer conversations. With hosted VoIP, enabling call recording is straightforward, but it's essential to understand the legal requirements to ensure your business stays compliant.

Enabling Call Recording on Your VoIP System

Most hosted VoIP platforms offer call recording as a built-in feature or add-on. There are two main modes:

Automatic Recording

All calls (inbound, outbound or both) are recorded automatically without any action from the user. This is ideal for:

  • Sales teams where every conversation needs to be captured
  • Support teams for quality assurance and training
  • Regulated industries where recording is mandatory

On-Demand Recording

Users manually start and stop recording during a call, typically by pressing a button on their phone or clicking a button in the softphone app. This is useful when:

  • Only certain calls need to be recorded
  • You need to pause recording during sensitive information (e.g., card payments)
  • Staff need control over what is captured

Storage Options for Call Recordings

  • Cloud storage — Most hosted VoIP providers store recordings in the cloud, accessible via a web portal. Storage is typically included in your plan or available as an add-on with a set number of hours per month.
  • Local storage — Some systems allow recordings to be downloaded or stored on local servers for businesses with specific data residency requirements.
  • Automatic deletion — Configure retention policies to automatically delete recordings after a set period (e.g., 90 days, 6 months, 1 year) to manage storage costs and comply with data minimisation principles.

UK Legal Framework for Call Recording

In the UK, call recording is governed by several pieces of legislation. Understanding these is critical for VoIP compliance:

Telecommunications (Lawful Business Practice) Regulations 2000

This regulation permits businesses to record calls without the caller's consent for specific purposes:

  • Establishing facts (e.g., recording orders or instructions)
  • Ensuring compliance with regulatory procedures
  • Quality control and training
  • Preventing or detecting crime
  • Ensuring the effective operation of the telecommunications system

However, while consent is not always legally required, best practice is always to inform callers that the call is being recorded.

GDPR Requirements

Call recordings contain personal data and are therefore subject to the General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018:

  • Lawful basis — You must have a lawful basis for recording. This is typically legitimate interest (quality assurance, training, dispute resolution) or legal obligation (regulatory compliance).
  • Inform callers — Play a recording announcement at the start of the call: "This call may be recorded for training and quality purposes."
  • Data retention — Only keep recordings for as long as necessary. Define and document a clear retention policy.
  • Subject access requests (SARs) — Individuals have the right to request copies of their recorded calls. You must provide these within 30 days.
  • Right to erasure — Individuals may request deletion of their recordings, subject to any overriding legal obligations to retain them.
  • Access controls — Restrict access to recordings to authorised personnel only.

PCI-DSS Compliance

If your business takes card payments over the phone, you must comply with PCI-DSS (Payment Card Industry Data Security Standard):

  • Never record card details — You must pause recording before the caller reads out their card number, expiry date and CVV.
  • Automatic pause — Many VoIP systems offer a PCI pause feature that automatically stops recording when a payment is being taken and resumes afterwards.
  • DTMF masking — Some systems mask the DTMF tones when callers enter card details via the keypad, preventing the numbers from being captured in the recording.

Setting Up a Recording Announcement

To inform callers that their call is being recorded, configure a recording announcement in your VoIP system:

  • Record or upload a professional announcement: "This call may be recorded for training and quality purposes."
  • Configure it to play at the start of inbound calls, before the call connects to an agent.
  • For outbound calls, train staff to verbally inform the other party that the call is being recorded.

Accessing and Managing Recordings

Your hosted VoIP admin portal typically provides a call recordings section where you can:

  • Search recordings by date, extension, caller number or called number
  • Play recordings directly in the browser
  • Download recordings as audio files (WAV or MP3)
  • Delete recordings manually or set automatic retention policies
  • Control access permissions — restrict who can listen to or download recordings

Retention Policy Best Practices

  • Define a clear policy — Document how long recordings are kept and why.
  • Automate deletion — Use your VoIP system's automatic deletion feature to enforce the policy.
  • Review regularly — Audit your recording practices at least annually.
  • Typical retention periods — 90 days for general quality assurance, 6–12 months for sales and support, longer for regulated industries as required.

Need help setting up compliant call recording? Get a quote for hosted VoIP and our team will configure recording with the right compliance settings for your business.

Other articles in VoIP Features & Call Management

How to Set Up an Auto Attendant (IVR) on Your VoIP SystemCall Queues and Hunt Groups: Managing Incoming CallsHow to Set Up Voicemail-to-Email on Your VoIP SystemCall Forwarding and Diverting on Hosted VoIPHow to Listen to Voicemail on Your VoIP SystemHow to Change Your Voicemail Greeting on VoIPHow to Block Callers with No Caller ID on VoIPVideo Conferencing with Hosted VoIPHow to Set Up Voicemail on Your PhoneVoicemail Number: How to Find and Use Yours

©Connection Technologies 2026. All Rights Reserved.

Connection Technologies Limited is authorised and regulated by the Financial Conduct Authority, reference FRN 958225

Registered office: Fareham Innovation Centre, Merlin House, 4 Meteor Way, Fareham, Lee-on-the-Solent, PO13 9FU.

Registered in England and Wales, Company No. 11630924

Connect with Us

Linkedin
Sitemap