Your responsibility as data controller

As a data controller, you need to live up to a number of responsibilities. Read here and learn more about your role in The EU General Data Protection Regulation.

We have listed your most important general responsibilities, which also apply to your data in TimeLog, to make the process more clear to you.

It is important to underline that you are the data controller and we are the data processor. This means that you own the responsibility for your data in TimeLog, and our role is to handle the data on your behalf.

A data processing agreement requires among other things:

• You need to handle personal information according to GDPR (obligations to provide information and consent requirements)
  
  
• You have the duty to inform the registered person about the collection of data
  
  
• You have the duty to inform about which personal data you collect
  
  
• You have the duty to inform who can handle the collected data
  
  
• You have the duty to inform about the purpose of the data collection
  
  
• You need to create a policy for how long time you collect the personal data
  
  
• You need to plan and develop IT systems that take data protection into account
  
  
• You need to know, if your data is placed physically in Denmark, EU or outside EU. TimeLog’s data is stored in Copenhagen, Denmark
  
  
• You need to work out an index of your handling activities. Related to TimeLog, you need to describe how you process collected data
  
  
• As a default, your systems need to be set up to promote the highest possible data protection, and we offer role protection

If you do not yet have an overview of the basic GDPR rules or need for basic information, we recommend you take a closer look at the EU's website, so you learn all the rules for responsible data handling.

The above information is completed based on the Confederation of Danish Industry’s, The Danish ICT Industry Association’s (IT-Branchen) and The Danish Data Protection Agency’s websites.