ubiHRM GDPR FAQ

ubiHRM is committed to adhering to the General Data Protection Regulation (GDPR). ubiHRM maintains product features, corporate protocols, and legal documents to help our users and customers comply. The following are some of the frequently asked questions to help our customers, employees and candidates. The detailed policy can be accessed here

What data do we collect?

The data ubiHRM collects which is being gathered through the Service consists of any personal, employment, payroll, location information provided consciously and voluntarily by a Customer (Employer), End User or the Customer’s administrator or through employee's use of the ubiHRM platform. In addition the employer might seek location information for time keeping purposes. The employees through our hiring platform may also collect information from a job seeking candidate.

What is ubiHRM's privacy policy

Our privacy policy can be accessed here and covers all aspects of GDPR adherence in much detail.

Infastructure Security

All ubiHRM servers are run from own virtual private clouds (VPCs), with rules that prevent unauthorized requests from entering our network. ubiHRM infrastructure is hosted in a fully redundant, secure VPN environment, with access restricted to operations support staff only. This way we can leverage complete firewall protection, private IP addresses, and other security features. The whole system on which ubiHRM runs is behind a firewall and only the necessary ports are open to the outside network. Also, only authorized personnel, using SSH keys, have access to the system. Access is enabled only over a VPN connection.

Who is responsible for employee data

Any ubiHRM customer that uses our services to store their employee or candidate information, owns the data of all employees. The responsibility of updating and deleting all employee data therefore lies with the customer. ubiHRM provides our customers with necessary support (customer support/ product features) to carry out any such requests however and whenever the customer wants to.

For how long is the data stored

It depends on the contract with our customer. By default, we store data until it's explicitly removed. But we provide provisions to set up a periodic data removal process for our clients on a contract-to-contract basis. However, we always support data deletion through requests sent to ubihrmsupport@ubitechsolutions.com for all of our customers. We delete data at the specified/ requested time by our customers with an additional grace period.

Who has access to the data

Customer representatives who have access to ubiHRM services to maintain employee data. - Employees to their own data. - ubiHRM internal team only when a support request is raised by the Customer and data access is necessary to support such request.

Who can delete the employee information

The data retention is governed by the agreement between an employer (customer) and the employee. The customer is thus responsible for any deletion of employee information.

Can the deleted data be reinstated?

An exit action on an employee continues to retain all the information of the employee in the system. The actual deletion action is permanent and cannot be reinstated.

Can I delete/ edit/ view/ access my personal information?

ubiHRM is Service provider and your data provided by the customer (your employer), is owned by the customer who manages your access. Please contact your employer (customer) directly to request the deletion or updation of your data during your employment or after your employment.