Our responsibility as data processer
As a data processor, we need to live up to a number of responsibilities. Read here and learn more about TimeLog’s role in The EU General Data Protection Regulation.
Our responsibilities are e.g.:
- We need to help you comply with your responsibilities
- We need to inform you if we assess an instruction as being illegal
- We need to perform back-ups so you do not lose your data
- We need to handle personal data based on your instructions
- We need to make sure that your data is safely stored
- We need to train our employees in handling personal data correctly according to the regulation
- We need to work out a data processing agreement
We have published our data processing agreement on our website which you can find a copy of here. The TimeLog responsible will always be able to access it directly in TimeLog.
We do not enter into specific contracts with our customers, instead, we work out one data processing agreement for all our customers.
Below we list the most important demands for the content of a data processing agreement, so you are informed about what you need to be aware of.
A data processing agreement requires among others:
- Framework for processing personal information
- Documented instruction
- Confidentiality and duty of secrecy
- Security of processing
- Sub data processors
- Cooperation with the data responsible company
- Deletion or return of personal data information
- Notification about illegal instructions
This page was updated on 14 February 2023.
Learn about TimeLog's policies and what it means to you as customer.
Data security policy
We have obtained both the ISAE 3000 and 3402 report. Learn how they help secure your data in our FAQ.
Here you can read more about which influence GDPR has on your data in TimeLog.
- Your responsibility as a data controller
- FAQ about our customers' most frequent questions about GDPR
- TimeLog's ISAE 3000 GDPR report