GDPR has arrived and it affects every business in the UK
ActIn Time sees the introduction of the GDPR control which will assist companies to work within the data protection rules.
What does this mean for a company using an ActIn Time workforce management system?
Customer care will organise a meeting where an ActIn Time technician will discuss your company’s GDPR policy with your GDPR data controller.
This meeting will cover two main areas:
The method in how ActIn Time handles your company data which, will in turn, impact the way our support team provides certain types of service.
For example, your business may require that ActIn Time never removes personal data from site. This information must be recorded against your SLA notes to ensure we do not create an environment where a personal data breach could occur.
The processing of personal data stored within the ActIn Time application.
We will identify any personal information fields within ActIn Time that do not need to be recorded and take steps to ensure that they are made invisible. We will also discuss how long certain information needs to be kept by the company for people classed as employed or as a leaver. We will then create a series of GDPR housekeeping scripts that will ensure these rules are upheld.
Some example GDPR housekeeping scripts:
Storing of Address Information
- If ActIn Time is not being used as the primary HR system do not allow address information to be recorded.
Storing of NI Information
- If ActIn Time is not being used as the primary HR system do not allow National Insurance data to be recorded.
Leavers & Biometric Information
- When an employee leaves the company, remove their biometric data within 24 hours.
Leavers & Future Absence Information
- When an employee leaves the company, remove all records of their future holidays and medical appointments within 24 hours.
Leavers & Portal Information
- When an employee leaves the company, delete all passwords to the ActIn Time app’, the TWC and the ESS within 24 hours.
Leavers & Past Attendance / Absence Information
- When an employee has left the company and after the statutory period, remove all attendance and absence information and personal data.