1. Donseed and GDPR
Donseed recognises the significance of its compliance obligations in respect of both Data Protection and Information Security in relation to the General Data Protection Regulation (GDPR).
We have always taken data security and privacy extremely seriously and believe that the GDPR is a crucial step forward for clarifying and enabling individual privacy rights. As such we are committed to GDPR compliance. Our aim is to provide customers with an industry leading level of data security and we constantly review and reinforce our Data Protection and Information Security practices to achieve this.
2. Data Controller Vs Data Processor
2.1. Who is the Data Controller?
Donseed customers are the data controller as defined by the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679).
The Data Controller determines the purposes for what and the manner in which any data is processed.
2.2. Who is the Data Processor?
In accordance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) Donseed acts as a Data Processor on behalf of the Data Controller\customer.
The Data Processor processes data under the instruction and on the behalf of the Data Controller. It is the responsibility of the data controller to ensure that a legal basis for the collection of all personal data, including biometrics, has been established and where necessary explicit consent obtained from the end users.
3. Data Processed by Donseed
Donseed processes the following categories of personal data on behalf of our customers:
- Personal Data (contact information, payroll information, location information etc.)
- Sensitive Personal Data (biometric data)
As data controllers our customers decide exactly what data we process on their behalf and can manage and control this processing via out software products.
As data processors we only process information under the instruction and on behalf of our customers.
4. Donseed Products and Data Storage
Donseed utilises state of the art cloud solutions to host our product platforms and all our data centres are located within the European Economic Area (EEA).
We only work with cloud hosting services that meet the highest standards of security and privacy.
5. Using Donseed to Manage GDPR Compliance
Donseed provides software services which allow customer to manage and store their employee time and attendance records securely on a centralised online portal.
Customers can utilise Donseed to support GDPR compliance with:
- Customisable data protection statements and consent management via our tablet product
- The Ability to manage your operatives’ rights under GDPR to access, change, delete and export their personal information from a single centralised location
6. Further Information
If you require further information in relation to our products and services and GDPR please contact your account manager.
Important Note: The information provided above does not constitute, and should not be construed as, legal advice.
If you have specific queries in relation to your business and compliance with GDPR you should seek legal counsel.