Glossary · Compliance
GDPR on-call alerting
GDPR on-call alerting is on-call notification that processes responders’ personal data — phone numbers, names and acknowledgements — in line with the GDPR, meaning a lawful basis for processing, working opt-out, data-subject access and erasure, EU residency and a DPA with the provider.
In practice
Effective and lawful at the same time
Reaching an on-call responder means processing their personal data: phone number, name, language, and the record that they were notified and acknowledged. GDPR on-call alerting handles that responsibly. IRIS keeps the data on the EU edge by architecture, supports STOP/START opt-out in 6 languages, honours GDPR Article 15 access and Article 17 erasure (with pseudonymisation so the audit trail survives without identifying detail), keeps retention configurable, and offers a DPA. The result is alerting that escalates until a human acts and respects the rights of the people in the chain.
GDPR on-call alerting — frequently asked
Why is on-call alerting a GDPR concern at all?
Because contacting a responder means processing their personal data: their phone number, name, language, and the timestamped fact that they were notified and acknowledged. Under the GDPR that processing needs a lawful basis, a way for the person to opt out, and mechanisms to honour access and erasure rights — the same as any other personal-data processing.
How does IRIS handle opt-out, access and erasure?
IRIS supports STOP/START opt-out keywords in 6 languages tenant-wide, GDPR Article 15 export (a data subject can get a copy of their data), and Article 17 erasure with pseudonymisation of historical records so the audit trail stays intact without retaining identifying detail. Retention is configurable, and a DPA is available.
Does opt-out conflict with reaching someone in a critical alert?
Opt-out governs whom the system may contact and how that contact data is processed; it does not weaken escalation for the responders who are in scope. The point of GDPR on-call alerting is to be both effective and lawful — escalating until a human acknowledges, while respecting the rights of the people in the chain.
See how IRIS makes on-call alerting GDPR-compliant — opt-out, access, erasure and a DPA.
Compliance & EU residencyGDPR-compliant on-call, by design
Start free with 1,000 credits — no credit card — on EU-resident, GDPR-ready infrastructure.