As a global software company, HR Cloud is committed to the latest in data protection regulation. Over the last year we’ve made a significant number of changes to both our core product as well as our website to stay ahead of GDPR, the General Data Protection Regulation, going into effect on May 25th, 2018.
What Is GDPR?
GDPR is a new EU-wide policy that gives EU citizens greater control over their data. It’s a more articulate version of the 1995 Data Protection Directive, and is the biggest piece of EU data privacy legislation in over 20 years.
Much has been written about GDPR fines for violations, which are up to $20 million or
You might be asking, is GDPR compliance necessary for my non-EU based company? My company isn’t located in Europe!
Consider this: even though GDPR requirements only pertain to EU citizens, how do you really know who within your company or amongst your job applicants are (primary or dual) citizens of an EU-member country?
You don’t. That’s why we’ve made the following updates in our product available globally to all our customers:
What We Did About It
We’re big data geeks at HR Cloud, so we’d like to keep yours as safe as possible.
With that in mind, we went all in on our new consent policies to make sure new hires, potential clients and new customers can:
- Access information regarding what data was collected and why.
- Easily withdraw collection consent at any time.
- Process data rights requests “without undue delay,” as stated in GDPR.
- Have data erased, corrected or removed from processing upon request.
- Be notified of data breaches within 72 hours.
Your Privacy is Priority
You can find our updated Privacy Policy here. In the future, we’ll continue to refine our policy in alignment with any addendums made to GDPR.
To view our Privacy Policy, find the Systems Settings tab on the left side of the Dashboard.
Enter the Consent History section under the Legal menu to find the Privacy Policy page.
Here, users will be able to view HR Cloud’s current privacy policy, including the version number and the publishing date. In the Consent History report, employee acknowledgement of collection consent is archived and easily accessible.
Users can check who’s consented, when and to what policy version. Tiered permission protocols further restrict access to any user not specifically designated by the HR Admin.
Should they refuse consent to collection, they will be completely logged out of the system and denied entry until collection consent is given and registered. This protects the employee, user and system as a whole by assuring data is not continually aggregated during the request process.
Visitors to our website will also have the option to view and refuse consent of privacy policy terms. You’ll find our privacy policy at the footer of our home page or by clicking here.
In the Privacy Shield paragraph, we provide a third-party address for all data rights, requests and privacy concerns. The link takes users directly to the Truste’s Submit a Report form.
Compliance on Your Terms
We’ve also made it easier to configure your own custom Terms and Conditions agreements.
We give users the choice to build Terms and Conditions from the ground up or use GDPR-compliant sample text from pre-written templates. This way, users can comply with GDPR standards while keeping on track with local regulations, internal best practices or any other needs.
Terms and Conditions can be found under the Terms and Conditions tab in System Settings.
Once you’ve granted access to Terms and Conditions, employees can accept or reject. Should data privacy concerns arise at any point in their employment, employees can completely withdraw consent. As with the privacy policy, that employee will be logged out of the system and locked out of their account. Users that have previously refused consent and denied access can regain control of their accounts immediately upon agreement with the current version of the Terms and Conditions.
Demystifying Data Requests
HR Cloud HQ gets a HUGE kick out of making complex processes simple.
That’s why we got really excited when we built our handy-dandy Legal Rights Request Form.
It’s easy to find, easy to fill out and has none of the opaque language of European data laws.
(We can hear your sigh of relief from here.)You’ll be able to document any GDPR-mandated data request, including access, rectification and deletion.
Here’s how it works.
Find our Help Center link on the left of your Dashboard. This will take you to our Zendesk site. The form can also be found in the Legal Rights section of our Privacy Policy.
Users will fill out the fields with their best contact email.
Users will use the Request Reason field to select from any of the primary GDPR Data Rights or enter “Other” to begin a custom query.
Once the user is finished, they’ll click the Send Request button and the form will be transferred to our Customer Support team without delay.
It’s seriously that easy.
The Integration Opt-Out
And, now for something a bit more complicated.
To protect our customers and ourselves, we’ve decided to disallow non-compliant integrations for all users under GDPR jurisdiction. They’ll, of course, be notified if any integrations that they are currently using aren’t compliant.
We’re allowing non-EU users to opt out of GDPR to run non-compliant integrations, provided they can sufficiently prove that they’re not under obligation.
To qualify for opt-out, an employer must prove that they do NOT:
-
Have locations in the EU
-
Employ any EU residents or store data from former employees who are EU residents
-
Store, control or process any personal data gathered from EU residents
-
Store, control or process any transaction records from dealings with EU-based organizations
Should all of this info be provided, the decision to use the integration must be finalized by a person of sufficient administrative authority within the organization. This person can be an officer of the company or, at the very least, the person who authorized the initial purchase of HR Cloud.
If all of the above goes smoothly, the user can utilize necessary non-compliant integrations, but only under these conditions.
Your Bases are Covered
If there’s one thing we’ve learned from our daily chats with HR pros, it’s that they will not rest until they’re sure their people are taken care of.
At HR Cloud, we’re no different in our diligence with your data.
Happy GDPR....ing!
The Crew at HR Cloud
For more in-depth inquiries, the entire GDPR text can be found here.
For any lingering questions, please refer to the GDPR itself, which you can find here.
Want to learn more about HR Cloud? Schedule a free consultation
here
HR Cloud is a leading developer of HR software & HRMS solutions for small and
Keep Reading
The Science of Recognition: How Employee Awards Impact Mental Health and Productivity
People want a pat on the back for doing their job? Back in my day, we just worked quietly!
Redefining Cybersecurity Goals: The Evolving Role of The HR Department
Ask any administrative professional which department they think should manage