General Data Protection (GDPR)

The General Data Protection Regulation (GDPR) represents a new legislative framework from the European Union (EU), designed to unify data regulation across Europe and enhance protection and control for consumers over their data. Essentially, it's an evolved version of the former Data Protection Directive. The primary objective of the GDPR is to safeguard the privacy of EU citizens, particularly their "right to be forgotten" – the right to require organizations to locate and delete any or all data pertaining to them. This guide is intended to provide comprehensive information about how WebHR is preparing for the GDPR and offer you an overview of the new mandates to assist in your preparation for GDPR compliance. As a custodian of customer data, WebHR has modernized its platform and implemented procedures to safeguard your Personal Data from any unlawful loss, theft, leakage, or unauthorized distribution. We commit to obtaining your consent prior to collecting any personal data or information. How can you prepare for GDPR compliance? If your enterprise is domiciled in the European Union (EU), or if you process the personal data of EU citizens, the GDPR has direct implications for your business. The GDPR mandates that you must secure freely given, specific, informed, and unambiguous consent from your contacts. Furthermore, you must transparently communicate how you intend to utilize their personal data. As it pertains to your business, if you have customers residing in the EU, you are required to seek their consent to store their personal information and procure their permission prior to sending them subsequent marketing or promotional Emails/SMS through WebHR. Additionally, depending on their preferences, you can decide the level of detail you wish to store for every user. We strongly recommend consulting with legal or other professional advisors about your GDPR preparations.

WebHR's GDPR-Compliant Updates:

To fully comply with the General Data Protection Regulation (GDPR) when it becomes effective on March 25, 2018; We have undertaken diligent measures and have updated several key features. Firstly, the Customer Registration Process for our EU clients has been revised, and it now includes the solicitation of consent for data processing during registration. Secondly, we've improved how we record Customer Data for our End Users, so businesses will now explicitly ask for customer consent before storing their data. Lastly, we've established a provision for customers of WebHR's End Users to edit or delete their data as needed, enhancing customer control over personal data. This means any customer can now request to either update or completely erase their information stored in WebHR.

Customer Privileges Under GDPR:

Considering the new GDPR, as a client of WebHR, you are now designated as a "Data Controller." Should you have customers within the European Union, and you archive their data within WebHR, it is incumbent upon you to enable individuals to exercise their 'Right to be Informed,' 'Right to Rectification,' 'Right to be Forgotten,' 'Right to Object,' and 'Right to Restrict Processing.' These rights are explained as follows: • Right to Object: Individuals are entitled to voice their objection to the utilization of their data for profiling or direct marketing initiatives. • Right to be Forgotten: Individuals possess the right to demand that personal data be expunged from WebHR. • Right to be Informed: Individuals have the authority to request explicit and succinct information regarding handling their personal data. • Right to Restrict Processing: Individuals can petition for the suppression of their personal data, implying that you may retain the data but must refrain from its usage. • Right to Data Portability: Individuals can request to obtain their personal data, previously provided, in an easily comprehensible format. We trust this information assists in your understanding of the GDPR and how WebHR is ensuring compliance. Should you have any further questions, please do not hesitate to contact us.