Home > Blog > GDPR and Timetac: How We Protect Your Data

GDPR and Timetac: How We Protect Your Data

by Andrew O'Connell, 17.04.2018

The European Union has taken a large step towards improving the security and protection of EU residents’ personal data in the form of the General Data Protection Regulation (GDPR). Effective from 25th May 2018, it will place strict requirements on companies and employers as to how data of individuals are handled.

The General Data Protection Regulation

The European Union has taken a large step towards improving the security and protection of EU residents’ personal data in the form of the General Data Protection Regulation (GDPR). Effective from 25th May 2018, it will place strict requirements on companies and employers as to how data of individuals are handled.

This regulation doesn’t stop with companies that are based within the EU, but expands to cover any company which processes the data of an EU resident. Even if you have one employee or one user of your service that is based in the EU, then you need to comply with this regulation. Enough of the general topics. Let’s talk about how this affects TimeTac.

Our Aim

Many areas are affected by this regulation, but we believe that transparency is the main topic for us to focus on. This relates to our internal handling of personal data, as well as the communication of important information with our customers and their employees. We will continue to develop and maintain our applications and services while concentrating throughout on making sure all of our operations are clear, streamlined, and in the best interests of everyone. TimeTac’s compliance with the regulation, and being able to prove that compliance, are both very close to the hearts of our customers, and we can understand why. We want to ensure the appropriate technical and operational measures are in place to look after everyone’s personal data. As with many regulations and legal texts, there is room for subjective interpretation, which means it’s not easy to say “we are GDPR compliant”, however, we are working tirelessly with our legal and technical teams to do all that we can.

How We Are Preparing for the GDPR

  • Personal data identification – We are identifying where personal data is collected and where it used. This can also be direct or indirect personal data, so it covers a larger area than most people think. It was important that we took our time with this step.
  • Processes and processors – Once we have the data, we need to map out what we do with it. We documented these processes and labelled which of our carefully selected partners receive this data for helping carry out our services.
  • Data security – Ensuring that the technical and organisational measures are in place, to make sure that both machine and human efforts are made to prevent unauthorised access, accidental loss and the like.
  • Documentation of compliance – We created a complete overview of the data and where it flows, including the creation of various policies along the way to further improve those technical and organisational procedures in place.
  • Mechanisms for data subject rights – Putting the procedures in place for dealing with data subject rights, such as accessing the personal data we process regarding them.

How Does This Affect Our Customers?

New customers will see almost identical processes to what we currently have. Updated agreements and policies will need to be carefully read and accepted before using our software or services – it’s important we all take data protection seriously. Existing customers will be informed very soon regarding our updated agreements and policies. These updates will come into force to align our services with the GDPR and modern data protection standards. It’s worth noting the impact this regulation will have on our customers in the United Kingdom. Brexit will have no impact here. The GDPR will become effective before the UK leaves the EU and therefore this regulation will still apply to organizations in the UK, or those processing the data of residents of the UK. It is also believed that the regulation, or a very similar version thereof, will be written into national law after Brexit.

Your Trust Is Important to Us!

Would you like to learn more about the protection of your data at TimeTac?


Share this article


You might also be interested in:

30 Day Free Trial

Test TimeTac for Free!

Test TimeTac for 30 days, free of charge!

Time and attendance management doesn't have to be hard. Test TimeTac for 30 days, completely free of charge, and convince yourself of the many benefits that a modern time tracking solution can offer. No credit card is requires and the test account will automatically expire after 30 days.

30 Day Free Trial