Glossary

GDPR

The European Union's general data protection regulation. Sets the rules for processing personal data of EU residents, consent, data subject rights, breach notification, cross-border transfers.

GDPR, the General Data Protection Regulation, is the EU's privacy framework. It applies to any organization handling personal data of EU residents, regardless of where the organization is based. Penalties can reach 4% of global revenue.

For a CX-AI vendor, the relevant obligations are: lawful basis for processing (contract or consent), data-subject rights (access, deletion, portability), retention limits, breach notification (72 hours), and a documented data processing agreement (DPA) with the customer.

The cross-border transfer rules are the most operationally relevant piece. Sending EU customer data to the US requires either Standard Contractual Clauses (SCCs) or a data residency option that keeps the data in the EU. A vendor without EU data residency cannot honestly claim full GDPR compliance for European customers.

How Vorel does this

Vorel supports EU + UK data residency by default for any customer flagged as serving EU data subjects. DPA under standard SCC terms is auto-attached.

The next call doesn’t have to go to voicemail.

Book a thirty-minute demo. We point Vorel at one of your real numbers on the same call.