ubiHRM is committed to adhering to the General Data Protection Regulation (GDPR). ubiHRM maintains product features, corporate protocols, and legal documents to help our users and customers comply. The following are some of the frequently asked questions to help our customers, employees and candidates. The detailed policy can be accessed here
The data ubiHRM collects which is being gathered through the Service consists of any personal, employment, payroll, location information provided consciously and voluntarily by a Customer (Employer), End User or the Customer’s administrator or through employee's use of the ubiHRM platform. In addition the employer might seek location information for time keeping purposes. The employees through our hiring platform may also collect information from a job seeking candidate.
All ubiHRM servers are run from own virtual private clouds (VPCs), with rules that prevent unauthorized requests from entering our network. ubiHRM infrastructure is hosted in a fully redundant, secure VPN environment, with access restricted to operations support staff only. This way we can leverage complete firewall protection, private IP addresses, and other security features. The whole system on which ubiHRM runs is behind a firewall and only the necessary ports are open to the outside network. Also, only authorized personnel, using SSH keys, have access to the system. Access is enabled only over a VPN connection.
Any ubiHRM customer that uses our services to store their employee or candidate information, owns the data of all employees. The responsibility of updating and deleting all employee data therefore lies with the customer. ubiHRM provides our customers with necessary support (customer support/ product features) to carry out any such requests however and whenever the customer wants to.
It depends on the contract with our customer. By default, we store data until it's explicitly removed. But we provide provisions to set up a periodic data removal process for our clients on a contract-to-contract basis. However, we always support data deletion through requests sent to firstname.lastname@example.org for all of our customers. We delete data at the specified/ requested time by our customers with an additional grace period.
Customer representatives who have access to ubiHRM services to maintain employee data. - Employees to their own data. - ubiHRM internal team only when a support request is raised by the Customer and data access is necessary to support such request.
The data retention is governed by the agreement between an employer (customer) and the employee. The customer is thus responsible for any deletion of employee information.
An exit action on an employee continues to retain all the information of the employee in the system. The actual deletion action is permanent and cannot be reinstated.
ubiHRM is Service provider and your data provided by the customer (your employer), is owned by the customer who manages your access. Please contact your employer (customer) directly to request the deletion or updation of your data during your employment or after your employment.