At CharlieHR, we work hard to ensure we follow the principles of the EU General Data Protection Regulation of May 2018. We have a designated Data Protection Officer, and accountability and privacy are principles that are designed into both our software and policies.
Full information on the processes we have in place can be found here.
The GDPR is a data protection law that came into effect on May 25, 2018. It replaced existing EU law to strengthen the protection of “personal data” and the rights of the individual. It's the overarching set of rules which governs the processing and monitoring of EU data.
Who is the official Data Protection officer for your organisation?
Ben Gateley. You can contact them via [email protected].
Do you market other services to the employees we add to the system?
How long do you retain our employee data?
Our retention periods are defined by you, as a super admin you have full control of what data is held on our system and are free to remove or amend it at any time.
Where is our data held?
On AWS servers in Ireland, within the EU.
Do you have a training programme in place for staff that have access to the personal data of our customers?
Yes, this is defined by our commitment to ISO 27001 compliance and the controls we have in place internally for that. You can read more about our security measures here.
If we were to ask you to remove all data we have provided to you on an employee would you be able to do that in a timely fashion?
Do you have a process in place for reporting personal data breaches to affected companies and the relevant data protection authority, and in some circumstances, to the affected data subjects, where feasible, within 72 hours of having become aware of it?
Yes we do.
Where can I read Charlie's Data Processing Addendum
You can find our up to date Data Processing Addendum here
If you have any questions or concerns, you can raise this with our Data Protection Officer. They can be contacted at [email protected]