EmpMonitor is the Data Controller and establishes the purpose and means of processing the following data: Personal Data of Users who are EmpMonitor’s clients and who directly provide their Personal Data to EmpMonitor, including freelancers and other company officials who register for EmpMonitor; and Personal Data of individuals who subscribe to receive commercial communication and other news and updates from EmpMonitor but are not registered users of EmpMonitor Service.
This section pertains to clients of EmpMonitor who transfer Personal Data of their end-users, such as their employees, to EmpMonitor. The client is considered the Data Controller because they determine the purpose and means of processing the Personal Data, while EmpMonitor is the Data Processor because they only access the data for the purpose of providing the Service. If you are a Data Subject, meaning an end-user of the EmpMonitor Service whose profile was created by your employer, any concerns or complaints regarding the processing of your Personal Data should be addressed to and resolved by your employer, who is the Data Controller.
The client confirms that they have acquired all necessary consents or have another appropriate legal basis for the processing of end-users’ Personal Data, and that the end-users have been informed of the transfer of their Personal Data to EmpMonitor and other third parties used by EmpMonitor for the provision of Service.
EmpMonitor will process the aforementioned data for as long as they provide the Service to the client and the client has an active EmpMonitor account. When an end-user’s account is deleted by the client, EmpMonitor may still process the data of deleted accounts for statistical and analytical purposes of the client, but such data can be deleted at any time upon the client’s request. After terminating their contractual relationship, EmpMonitor may continue to store some Personal Data, but only to the extent necessary to comply with legal obligations, ensure reliable backup systems, resolve disputes, prevent fraud and abuse, enforce agreements, and pursue legitimate interests.
The Controller, EmpMonitor, will process your Personal Data to provide you with the Service, improve the Service, address any Service-related issues, and ensure that you receive the best customer experience possible.
EmpMonitor collects and processes your Personal Data for various purposes, including registering you for the Service, sending you invoices, personalizing your account settings, analyzing your performance, communicating with you about the Service, improving the Service, measuring and analyzing usage data, delivering personalized ads and promotions, and protecting the legal interests of EmpMonitor, its Clients, Users, and other third parties.
EmpMonitor collects and processes Personal Data based on various legal bases, such as the contractual relationship between you and EmpMonitor, legal obligations imposed by applicable law, legitimate interests pursued by EmpMonitor or third parties (provided such interests do not outweigh your rights and freedoms), and your consent for certain types of Personal Data. Note that EmpMonitor may process the same Personal Data for several purposes simultaneously and on more than one legal basis.
EmpMonitor collects, generates, and receives information from users in various ways when using the Service, and some of this information may include Personal Data. This includes information provided by users when creating an account, such as their full name, email address, password, payment information, phone number, social media account information (if applicable), and optional photo. Users also have the option to voluntarily disclose additional Personal Data, such as their health information when using the absence calendar function, but this is not mandatory.
Additionally, EmpMonitor allows for third-party integrations with the Service, which may involve the sharing of certain information between the third-party provider and EmpMonitor. Users should review the privacy settings of these third-party services to understand what data may be disclosed.
When configuring their EmpMonitor account, users provide information such as their location, time zone, workday start and end times, work duration, work tracking start and stop times, tracking days, hourly rate, offline and private time input options, application names to be collected, absence calendar information, colleagues’ information, and project cost calculation tool usage.
Finally, EmpMonitor records information created by users when using the Service, including IP addresses, browser type and software version, application and task names, websites visited, EmpMonitor client version, path to the application, use start and end times, break times, and screenshots of computer screens. However, keystrokes and mouse movements are recorded without the recording of the actual content typed or clicked. If a user is not the Client of the Service, this information is provided by the Client (e.g., employer).
If you choose to subscribe to the EmpMonitor blog, leave a comment on a blog post, or submit a question to us, you will need to provide us with certain Personal Data, including your name and email address.
When you subscribe to our blog or newsletter, we will use your email address to send you informative materials, such as newsletters and advertisements. You can unsubscribe from these emails at any time by clicking the link provided in the footer of the emails.
EmpMonitor will retain Personal Data from your account for as long as you maintain your EmpMonitor account or for the duration necessary to provide you with the Service, whichever is longer.
EmpMonitor will keep data generated by you for as long as the period of 9 months. Following this period, only general information such as “Log-in,” “Log-out,” “Active Hours” and “Total Hours” will be stored for statistical purposes.
If you terminate your subscription with EmpMonitor by deleting your account or terminating the contract, we would not contain any data whatsoever.
In order for EmpMonitor to provide you with our Service, we collaborate with third-party service providers that furnish us with the necessary services required in the ordinary course of our business. Consequently, we may share your Personal Data with these third-party service providers who process your personal data on behalf of EmpMonitor.
The recipients of your Personal Data may fall under various categories, such as hosting and server co-location service providers, communication and content delivery networks, data and cyber security service providers, billing and payment processing service providers, fraud detection and prevention service providers, web analytics, email distribution and monitoring service providers, session recording service, marketing service providers, legal and financial advisors, and other similar categories. EmpMonitor may share your Personal Data with these categories of recipients in order to provide you with our Service.
EmpMonitor only shares the strict minimum amount of Personal Data necessary with Third-Party Service Providers in order for them to provide the requested service. We only share Personal Data with Third-Party Service Providers that are able to demonstrate they have implemented suitable measures to ensure compliance with GDPR and other applicable laws and regulations regarding the processing of Personal Data.
EmpMonitor may have a legal obligation to share your information with third parties in certain situations. Such situations may arise when sharing your Personal Data with a third party is required by law, or when information is requested by public authorities.
Personal Data processed by EmpMonitor may be transferred to recipients outside of the European Economic Area (EEA). If EmpMonitor transfers Personal Data outside of the EEA, it will only send Personal Data to recipients that have implemented adequate data processing and protection requirements and are able to ensure an adequate level of protection, or have provided adequate guarantees.
Individuals located in certain countries, such as the European Economic Area, have statutory rights concerning their Personal Data. Subject to any exemptions provided by law, you may have the right to request access to your Personal Data, to seek to update, delete, or correct this data, to restrict or object to the processing of your data, as well as the right to portability of your Personal Data.
If you believe that EmpMonitor has processed your Personal Data unlawfully, you have the right to submit a complaint to us using the contact information provided below, or you may submit a complaint to the data protection supervisory authority in your country.
If you are an individual whose Personal Data has been provided to EmpMonitor by the Client (such as an employee of the Client), please contact the Client to exercise your rights as a Data Subject.
In case EmpMonitor receives a complaint or request from an individual whose Personal Data has been provided to EmpMonitor by the Client and who is exercising their rights as a Data Subject, EmpMonitor will not respond to such complaint or request without prior written authorization from the Client.
EmpMonitor implements appropriate organizational, technical, and administrative measures to safeguard the confidentiality, integrity, and availability of Personal Data. We recommend that Users, Clients, and their end-users also take responsibility for protecting their Personal Data and any Personal Data in their possession by creating strong passwords for their EmpMonitor accounts, limiting computer and browser access, signing out at the end of a session, and avoiding the disclosure of any sensitive information that could cause significant harm to the Data Subject if disclosed to EmpMonitor.
All authorized personnel at EmpMonitor who are involved in processing Personal Data are bound by confidentiality obligations and are prohibited from accessing or processing such data without authorization, unless it is necessary for the purpose for which the data was obtained in the first place.
If there is a breach of Personal Data, EmpMonitor will comply with applicable laws and notify you accordingly. EmpMonitor will also provide reasonable assistance in the investigation of such breach and notify the supervisory authorities and data subjects affected by the breach in accordance with applicable laws.
Such audits may be carried out by an independent third party with a good market reputation, provided that it has sufficient experience and competence to carry out data processing audits, and the selection of such an auditor must be mutually agreed upon by both the Client and EmpMonitor.
The timing and other practicalities related to any such audit or inspection are determined by us, and any information and assistance provided are at the cost and expense of the Client. We reserve the right to charge the Client for any additional work or other costs incurred by us in connection with the Client using such rights. The Client has the right to request an audit once every two years.
The auditor will be required to sign a confidentiality agreement that includes an obligation not to disclose business information in its audit report, and the final report must also be provided to EmpMonitor.