Skip to main content
This page does not constitute legal advice. Always review your specific use case with legal counsel and observe the applicable statutory retention requirements in your country.

Overview

Automatic deletion of call data is an important part of GDPR-compliant data management. With the Famulor workflow template, you can have call data and related information automatically deleted after a configurable retention period (default: 180 days).

GDPR Compliance

Automatic enforcement of storage limitations according to Art. 5 para. 1 lit. e GDPR

Time Savings

No more manual management of deletion periods required

Legal Security

Reduces risks from accidental overruns of retention periods

Flexible Configuration

Individual adjustment of retention duration depending on use case

What is this Workflow?

The Automatic Deletion Workflow is a preconfigured template for the Famulor automation platform that:
  • Automatically identifies call data (call records)
  • Calculates the age of the data (based on call date)
  • Performs deletion when the configured retention period has been exceeded
  • Runs daily to ensure ongoing compliance
Default configuration: The workflow is set to a 180-day retention period by default. You can adjust this duration in the code node.

Why Automatic Deletion is Important

The GDPR (General Data Protection Regulation) requires storage limitation in Art. 5 para. 1 lit. e:
“Personal data must be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.”
1

Purpose Limitation

Data may only be stored as long as the processing purpose exists
2

Data Minimization

Unnecessary data storage violates the principle of data minimization
3

Deletion Obligation

Deletion is required when the purpose ceases or legal deadlines expire
4

Proof of Compliance

Automated processes document adherence to deletion deadlines

Practical Advantages

  • Avoid fines: GDPR violations can result in fines up to 4% of annual revenue or €20 million
  • Reduce liability risks: Automatic deletion prevents accidental breach of retention periods
  • Compliance documentation: Automated processes create verifiable compliance evidence
  • No manual management: Automatic execution saves time and resources
  • Consistent enforcement: No human errors in calculating deletion deadlines
  • Scalability: Works independently of the number of calls
  • Minimal data storage: Reduces attack surface for data breaches
  • Data minimization principle: Only as much data as necessary, only as long as needed
  • Customer trust: Demonstrates proactive data protection practices

GDPR (General Data Protection Regulation)

The GDPR is the primary legal basis for processing personal data in the EU:

Art. 5 GDPR

Processing principles: Lawfulness, purpose limitation, data minimization, storage limitation

Art. 6 GDPR

Legal bases: Consent, contract performance, legitimate interest, legal obligation

Art. 17 GDPR

Right to erasure: “Right to be forgotten” when purpose ends or consent is withdrawn

Art. 30 GDPR

Record of processing activities: Documentation of all data processing

Telecommunications Act (TKG)

The Telecommunications Act (TKG) also regulates specific aspects of telecommunications:
  • Special protections for telecommunications data
  • Prohibition of unauthorized transmission of traffic data
  • Storage only for billing purposes or statutory obligations
  • Consent required: Both parties must agree to recording
  • Purpose limitation: Recordings may only be used for the specified purpose
  • Deletion obligation: Deletion after purpose ceases or legal deadlines expire

National Laws

  • BDSG (Federal Data Protection Act): Supplements GDPR with national provisions
  • TMG (Telemedia Act): Regulates telemedia services
  • UWG (Unfair Competition Act): Regulates telephone marketing and consents
  • DSG (Data Protection Act): National GDPR implementation
  • TKG 2021: Telecommunications Act with strict consent requirements
  • nDSG (new Data Protection Act): In force since 01.09.2023, similar to GDPR
  • FADP (Federal Act on Data Protection): Federal data protection law

Observe Retention Obligations

Important: Before configuring automatic deletion periods, verify whether your industry or use case is subject to statutory retention obligations (e.g. under commercial law, tax law, medical law).

Commercial Law

Commercial books: 10 years (HGB § 257)

Tax Law

Tax-relevant records: 10 years (AO § 147)

Medical Law

Patient records: 10–30 years depending on country

Labor Law

Personnel files: 2–10 years depending on document type

Setting Up the Workflow

Step 1: Access the Automation Platform

  1. Open Famulor Platform: Navigate to https://app.famulor.de
  2. Log in: Sign in with your credentials
  3. Open Automation menu: Click on “Automation” in the main menu
Make sure you have access to the automation platform. If not, contact support.

Step 2: Open the Workflow Template

Open the workflow template via the following link: Workflow Template: https://automate.famulor.de/templates/EQ2ZaUGJARERwPH4IeLoh
The link opens the preconfigured template directly in the automation platform.

Step 3: Add API Key

  1. Retrieve API key:
    • In the Famulor Platform, go to SettingsAPI Keys
    • Create a new API key or use an existing one
    • Copy the API key
  2. Insert into workflow:
    • Find the API authentication node in the workflow
    • Paste your API key into the designated field
Security: Keep your API key secure and do not share it with third parties. You can regenerate the key in settings if lost.

Step 4: Adjust Retention Period

  1. Open code node: Locate the code node in the workflow
  2. Change retention duration:
    • Default: 180 days (6 months)
    • Adjust the value according to your requirements
    • Example: const retentionDays = 90; for 90 days

Step 5: Activate Workflow

  1. Save workflow: Click “Save”
  2. Publish workflow: Click “Publish”
  3. Automatic execution: The workflow runs automatically every day
The workflow runs in the background and checks all call data daily. Calls older than the configured retention period are deleted automatically.

What Gets Deleted?

The workflow automatically deletes:
  • Call data (call records)
  • Associated metadata (date, time, duration)
  • Transcriptions (if available)
  • Related lead information (depending on configuration)
Irreversible: Deletion is permanent and cannot be undone. Ensure important data is exported before the retention period expires if needed.

Best Practices

Legal Review

Verify all statutory retention obligations for your industry before configuring

Documentation

Document the configured retention period in your record of processing activities

Regular Review

Regularly check if the retention period is still appropriate

Backup Strategy

Consider backing up important data before automatic deletion

Frequently Asked Questions

Yes, you can customize the workflow to exclude certain calls based on criteria (e.g., tags, campaigns, status). This requires adjusting the code node.
Automatic deletion is final. Make sure important data is exported or backed up before the retention period expires.
The workflow does not automatically take statutory retention obligations into account. You must adjust the retention period accordingly or exclude specific data from deletion.
By default, the workflow runs daily. You can adjust the frequency in the workflow settings.

Further Information

GDPR Compliance

Compliance requirements for phone number provisioning

Data Protection & Compliance

Legally compliant cold calling in the DACH region

Automation Platform

Introduction to the no-code automation platform

API Reference

API documentation for advanced integrations
Note: For questions about configuration or legal requirements, please contact Famulor Support or consult legal counsel.