GDPR and data protection - FAQ

On this page, you get the answers to the GDPR questions our customers often ask. If you have any further questions, please do not hesitate to contact our support.

When does TimeLog have a data processing agreement in place?

We have published our data processing agreement on our website, which you can find a copy of here

The TimeLog responsible will always be able to access it directly in TimeLog.

Is customer data separated in TimeLog?

Yes. Each customer has its own database, and the customers cannot access each other’s data.

Does TimeLog have an R&D department outside EU?

Yes, we have an R&D department in Malaysia.

Do TimeLog's Malaysian developers have access to our personal data?

No, our Malaysian developers do not have direct access to your personal data.

There will be situations where they need to solve support tickets, and here it is required that they have access to your database to solve the issue.

In these cases, we take a copy of your database on a test server, where all your data is anonymised. This means that no specific personal data will be visible. Instead, the original personal data will appear as Employee 1, Employee 2 etc. Phone numbers and addresses will not be visible.

When you send a screenshot for a support ticket, which our Malaysian developers need to solve the challenge, we technically send personal data outside of EU.

Therefore we have a separate data processing agreement with our development partner to live up to our responsibilities as a data processor and still provide the best service to our customers.

Who is the data controller and who is the data processor?

The data responsible is the one collecting data, i.e. you. 

The responsible person is the link between TimeLog and you as a customer regarding everything related to data protection and the EU’s General Data Protection Regulation (GDPR). 

The responsible contact will also be the one to receive news about changes related to data protection, e.g. change of sub-data processors. 

We are the data controller, and we handle data on your behalf.

See more See less

Last updated

This page was updated on 19 July 2023.