Our responsibility as data processer

As a data processor, we need to live up to a number of responsibilities. Read here and learn more about TimeLog’s role in The EU General Data Protection Regulation.

Our responsibilities are e.g.:

  • We need to help you comply with your responsibilities

  • We need to inform you if we assess an instruction as being illegal

  • We need to perform back-ups so you do not lose your data

  • We need to handle personal data based on your instructions

  • We need to make sure that your data is safely stored

  • We need to train our employees in handling personal data correctly according to the regulation

  • We need to work out a data processing agreement

We have published our data processing agreement on our website which you can find a copy of here. The TimeLog responsible will always be able to access it directly in TimeLog.

We do not enter into specific contracts with our customers, instead, we work out one data processing agreement for all our customers.

Below we list the most important demands for the content of a data processing agreement, so you are informed about what you need to be aware of.


A data processing agreement requires among others:

  • Framework for processing personal information

  • Documented instruction

  • Confidentiality and duty of secrecy

  • Security of processing

  • Sub data processors

  • Cooperation with the data responsible company

  • Deletion or return of personal data information

  • Notification about illegal instructions

Last updated

This page was updated on 14 February 2023. 

Our policies

Learn about TimeLog's policies and what it means to you as customer.

Cookie policy
Data security policy
Privacy policy

We have obtained both the ISAE 3000 and 3402 report. Learn how they help secure your data in our FAQ

Read more