GDPR Compliance Statement

Last Updated: March 15, 2024

Our Commitment to GDPR

ecoHR is fully committed to compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. We have implemented appropriate technical and organizational measures to ensure the security and protection of personal data.

Data Protection Principles

We adhere to the following principles when processing personal data:

• Lawfulness, Fairness, and Transparency: We process personal data lawfully, fairly, and in a transparent manner.
• Purpose Limitation: We collect personal data for specified, explicit, and legitimate purposes.
• Data Minimization: We only collect data that is adequate, relevant, and limited to what is necessary.
• Accuracy: We keep personal data accurate and up to date.
• Storage Limitation: We retain personal data only for as long as necessary.
• Integrity and Confidentiality: We process personal data securely.

Data Subject Rights

Under GDPR, you have the following rights:

• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Right to withdraw consent

Data Security Measures

We implement appropriate security measures to protect personal data, including:

• Encryption of data in transit and at rest
• Regular security assessments
• Access controls and authentication
• Data backup and recovery procedures
• Employee training on data protection

Data Processing Agreements

We have Data Processing Agreements (DPAs) with all third-party service providers who process personal data on our behalf, ensuring they meet GDPR requirements.

Contact Information

For any questions regarding our GDPR compliance or to exercise your data protection rights, please contact our Data Protection Officer at:

Email: [email protected]