Safeguarding Your Data

Understanding Our GDPR Commitment

Discover how Staffly ensures compliance with GDPR to protect personal data within our HR management systems.

Our GDPR Responsibilities

Staffly's Commitment to Data Protection

At Staffly, we take our responsibility under the General Data Protection Regulation (GDPR) seriously. Our dedication to safeguarding the personal data of our employees, clients, and partners is paramount. We implement stringent measures to ensure that all personal data handled through our roster software is processed in accordance with the highest standards of data protection and privacy compliance. This includes regular audits, staff training on data protection, and a transparent data handling policy that prioritizes the security and privacy of all stakeholders.

Staffly & Compliance with the General Data Protection Regulation (GDPR)

Understanding GDPR

The General Data Protection Regulation (GDPR) is a regulatory framework that standardizes data privacy laws across Europe, aimed at enhancing data protection for all individuals within the European Union (EU).

The framework was developed by the European Parliament in 2016 to enhance individuals’ control over their personal data and to impose stricter measures on organizations that do not adequately safeguard the data they handle against breaches.

The GDPR was officially adopted across the EU on May 25, 2018. Since this date, any organization that does not adhere to the rules of GDPR may face penalties of up to €20 million or 4% of their annual worldwide turnover.

GDPR mandates include allowing individuals to access and correct their data held by businesses, alongside stringent requirements for reporting data breaches.

All entities that handle personal data of EU citizens, whether to provide goods or services or for administrative functions, must comply with GDPR, even if the company is located outside the EU.

Impacts of GDPR on Staffly Customers

When you use Staffly’s software and store data on our servers, Staffly acts as a ‘data processor’.

As a Staffly customer, you are the ‘data controller’, and your employees, whose data you manage through our system, are the ‘data subjects’.

Both roles are critical in fulfilling GDPR compliance.

Your Responsibilities

As the data controller, it is crucial to ensure your compliance with GDPR. Legal advice specific to your organization’s compliance is best provided by a legal professional, but general steps include:

Maintaining a record of all personal data you manage.
Boosting understanding of GDPR and data protection within your organization.
Determining if a data protection impact assessment or a data protection officer is necessary.
Recognizing enhanced individual rights under GDPR and how your organization should handle such requests.
Ensuring compliance of all your data processors with GDPR.

As your data processor, Staffly ensures full compliance and transparency.

Staffly’s GDPR Compliance Measures

Since its inception, Staffly has utilized Amazon Web Services (AWS), with multiple service zones in the London area to power its main network. We maintain secure HTTPS connections to our servers and have stringent firewall rules safeguarding our infrastructure.

We encrypt all stored data using the AES-256 standard to prevent unauthorized data access.

Furthermore, to ensure GDPR compliance, we have implemented several internal policies:

We maintain detailed records of all stored data.
We have a clear diagram tracking data storage and third-party access.
We regularly update our IT security policies to keep Staffly team members informed about their responsibilities under GDPR.
We have refined our Emergency Response Protocol to effectively address potential data breaches.
We continuously update our Terms & Conditions and Privacy Policy to align with GDPR requirements and have published a Security Document detailing our data storage practices.

At Staffly, data security is of utmost importance, and we prioritize the assurance of our customers. We encourage inquiries regarding our data protection practices and GDPR compliance through our Contact Us page for further discussions or questions.

You can view, download and print a PDF copy of the General Data Protection Regulation here.

GDPR Compliance Features

Data Encryption

Advanced encryption technology to secure data at rest and in transit.

Access Controls

Strict access controls ensure that only authorized personnel can access sensitive data.

Data Retention Policies

Clear policies on data retention and deletion to comply with GDPR requirements.

Audit Trails

Comprehensive audit trails for tracking access and modifications to personal data.

Understanding GDPR Compliance

Explore the most common inquiries about how Staffly’s roster software adheres to GDPR standards.

What measures has Staffly implemented to ensure GDPR compliance?

Staffly incorporates data encryption, regular security audits, and strict access controls to ensure all data handled by our roster software complies with GDPR requirements.

How does Staffly protect user data?

We protect user data through end-to-end encryption, secure data storage facilities, and by conducting periodic privacy impact assessments to mitigate risks.

Can users request the deletion of their data?

Yes, in accordance with GDPR rights, users can request the deletion of their personal data at any time by contacting our support team.