Skip to main content

Compliance & Regulation

GDPR compliance, European data storage, Chorus Pro, SEPA mandate management, and regulatory obligations in BlueRockTEL.

Does BlueRockTEL comply with GDPR?

Yes. BlueRockTEL is designed and operated in compliance with the General Data Protection Regulation (GDPR). This includes:

  • Data minimisation — only the data necessary for service delivery is collected and stored
  • Access control — customer data is accessible only to authorised users within your organisation
  • Data subject rights — tools to export, correct, or delete customer data on request
  • Processing agreements — BlueRockTEL acts as a data processor for your customer data and the relationship is governed by a Data Processing Agreement (DPA)
  • Breach notification — procedures in place to notify you in the event of a data security incident

If you have specific GDPR compliance requirements for a public sector or regulated industry customer, our team can discuss the specific measures in place.

Is customer data stored in Europe?

Yes. All customer data processed by BlueRockTEL is stored on servers located within the European Union. This ensures compliance with GDPR's data transfer restrictions and gives your customers confidence that their data does not leave European jurisdiction.

What happens to my data if I stop using BlueRockTEL?

Your data belongs to you. If you decide to leave the platform:

  • You receive a full export of all your data (customers, invoices, CDR records, tickets) in standard formats
  • Your data is retained for a defined period after contract termination (as specified in your service agreement) and then securely deleted
  • We assist with migration to your new platform during the transition period

We do not hold your data hostage. Data portability is a standard right under our service agreement and under GDPR.

Does BlueRockTEL support Chorus Pro for French public sector invoicing?

Yes. BlueRockTEL supports Chorus Pro — the mandatory electronic invoicing platform for invoicing French public sector entities (government bodies, hospitals, municipalities, public agencies). If you have public sector customers in France, BlueRockTEL can generate and submit invoices to Chorus Pro automatically.

This is a significant requirement for any telecom operator working with French public institutions, and having it built into the billing workflow eliminates a complex manual process.

How does Chorus Pro invoicing work for telecom operators?

When a customer is flagged as a public sector entity in BlueRockTEL:

  1. Invoices for that customer are formatted according to the UBL or CII electronic invoice standard required by Chorus Pro
  2. The invoice is submitted via the Chorus Pro API after the production billing run
  3. The submission status (accepted, rejected, pending) is tracked in BlueRockTEL
  4. Rejected invoices trigger an alert with the rejection reason so they can be corrected and resubmitted

Your finance team no longer has to manually log into Chorus Pro and submit invoices one by one.

Does BlueRockTEL support electronic invoicing requirements?

Yes. BlueRockTEL supports multiple electronic invoicing standards:

  • Chorus Pro (France) — for public sector customers
  • Standard PDF invoices — delivered by email
  • EDI formats — for customers with structured invoice exchange requirements

As electronic invoicing mandates expand across Europe (the EU's ViDA directive), BlueRockTEL's development roadmap includes support for additional country-specific e-invoicing requirements.

How does BlueRockTEL handle SEPA mandate management and compliance?

SEPA mandate management in BlueRockTEL covers the full compliance lifecycle:

  • Mandate creation — each mandate is assigned a unique reference number as required by SEPA rules
  • Mandate storage — mandates are stored with the customer record with their type (CORE or B2B) and status
  • Pre-notification — customers are notified of the amount and debit date at least 14 days in advance (CORE) or 1 day (B2B)
  • PAIN.008 file generation — compliant XML files ready for bank submission
  • Mandate amendments — changes to bank account details are tracked and the mandate reference updated
  • Failed debit handling — returned payments trigger the appropriate sequence (retry or dunning)

Does BlueRockTEL support multi-currency billing?

Yes. BlueRockTEL supports billing in multiple currencies. You can have customers billed in EUR, GBP, CHF, or other currencies. Exchange rates can be configured for cost comparison purposes. Each customer account is assigned a billing currency, and invoices are generated in that currency.

How does VAT compliance work for cross-border invoicing?

BlueRockTEL applies VAT rules per customer type and jurisdiction:

  • Domestic B2B — standard VAT rate applies
  • Domestic B2C — standard VAT rate applies
  • EU B2B (intra-community) — reverse charge mechanism applied, no VAT charged
  • EU B2C — destination-country VAT rate applied (OSS scheme)
  • Non-EU — no VAT typically applies

VAT rates are configured per country in BlueRockTEL. The correct rate is applied automatically based on the customer's country and VAT registration status. Invoices display VAT in compliance with applicable tax law.

What audit trails and logging does BlueRockTEL provide?

BlueRockTEL maintains detailed audit logs of significant actions:

  • Invoices created, modified, or cancelled (with the user and timestamp)
  • Payment records and reconciliation actions
  • Customer account changes (contacts, addresses, service modifications)
  • Access events (logins, data exports)
  • Configuration changes (tariff plan modifications, dunning sequence changes)

These logs support internal audit requirements and regulatory compliance, particularly for financial reporting and data protection obligations.

How does BlueRockTEL handle regulatory changes in telecom billing?

BlueRockTEL's development team monitors regulatory changes affecting telecom billing across EU and UK markets. When regulatory changes occur:

  • Updates to the platform are released as part of the standard software update cycle
  • Customers are notified of changes that require configuration updates
  • Our support team is available to assist with any required reconfiguration

Examples of past regulatory adaptations include changes to SEPA mandate notification periods and updates to Chorus Pro API specifications.

Is BlueRockTEL certified or audited against any security standards?

BlueRockTEL operates in accordance with industry best practices for SaaS security. For specific certification requirements or security audit requests, please contact our team directly. We are able to provide security questionnaire responses and discuss our infrastructure security posture with your IT or compliance team as part of the pre-sales process.

Back to FAQ