What does Staffomatic do to ensure compliance with the GDPR?
Data we collect & process for you to get the best user experience
The general terms and conditions
Frequently asked questions
Steps we take
Our measures for the security of your data
Our business processes are increasingly digitized and networked, which creates certain risks for the confidentiality, integrity and purpose limitation of data. We would like to take this into account and create appropriate protection for the personal data we process against misuse and other risks. We have regulated how we handle personal data internally at EASYPEP in our data protection management system, which is mandatory for all employees.
To ensure professional and secure handling of your personal data, we have decided to work with an external data protection officer. This guarantees us professional advice in handling data and - through regular audits - a high data protection standard. In addition, we are reliably informed about current changes in data protection law.
The following data is stored and processed at Staffomatic
The e-mail address is necessary for the operation of Staffomatic. It is used for logging in and communication.
When creating your Staffomatic account we ask for additional data, such as the company name. This data will help you later on when using Staffomatic by EASYPEP. The company name is used to create an account URL (e.g.: mycompany.staffomatic.app).
First name and last name are not required fields. Staffomatic by EASYPEP can also be used only with the specification of the e-mail address. However, specifying names makes the use of the application much more pleasant, as assignment can take place more easily.
In order to continue using Staffomatic after the trial period, billing information is required. Depending on the payment method, credit card data or account data for the SEPA direct debit mandate will be stored here. The storage of this data takes place at our payment partners, who are of course all DSGVO compliant and store the data securely.
Frequently asked questions about data protection and Staffomatic
Do I need a contract for order processing (ADV)?
According to the GDPR, as soon as a company commissions an external service provider to collect, process or use personal data in accordance with instructions, this constitutes commissioned processing (originally commissioned data processing). An ADV contract is mandatory! While not much changes for the client (you) with the entry into force of the DSGVO, the contractor (Easypep) will be held more accountable by the DSGVO. In the future, the client and contractor will be jointly liable for the processing of data (Joint Control - jointly responsible for processing).
Commissioned processing often exists in the case of:
Legal information and disclaimer