Simployer Trust Center › GDPR and privacy › EU's Privacy Regulation (GDPR)
EU's Privacy Regulation (GDPR)
Data Controller = The Customer
The Controller owns, and is responsiple for its own data, and determines which data that is stored and how long the data is to be kept.
Data Processor = Simployer
The Data Processor shall process personal information on instructions from the Controller, the Customer.
"The registered"
This is the person for which personal information is processed. In Simployer, this will for the most part be employees. The registered has rights under the GDPR, amongst them:
- The right to be forgotten
- The right to demand a restriction on the data processed
- The right to data portability
- The right to oppose processing
These rights must be maintained by the Controller. Be aware that there are differences in legal base for processing of personal data for private citizens versus private data for employees.