Data Handling and Protection FAQ

Hubstaff handles data in accordance with GDPR regulations and is Privacy Shield certified.

At Hubstaff we understand how important privacy is for your business and its customers. We comply with the EU’s General Data Protection Regulation (GDPR) law that went into effect on May 25, 2018. Our team works hard every day to ensure that data subjects are protected. Among the steps we’ve taken to meet GDPR requirements and be transparent about what we do with your data, we became Privacy Shield certified, updated our Privacy Policy, and list all of our subprocessors.

The Data Processing Addendum (DPA) is provided to help meet GDPR (General Data Protection Regulation) requirements. The DPA has been pre-signed by Netsoft Holdings, LLC (the owners of Hubstaff). If required by the GDPR, please download the DPA and email a signed a copy to jared@hubstaff.com.

Download DPA

Questions

Question:

Is Hubstaff allowed to release information from our account?

Answer:

No. All Hubstaff employees are knowledgeable, trained and are required to handle sensitive data such as PII (Personally Identifiable Information) in compliance with the DPA (Data Processing Addendum).

We treat data handling with the utmost care and control who has access to it by implementing two levels of permissions (administrator and super administrator).

 

Question:

Who can access and view data within Hubstaff?

Answer:

The data is only accessed directly when we’re working with you on a support ticket or diagnosing an error that our code generated (which is shared internally). In these specific cases, our support team and/or a few developers may need access to your data. Our team is trained to handle sensitive information.

Data is encrypted during transmission and at rest, however, if we need to troubleshoot a support issue or debug a server error we would need to decrypt the data to view it and access it when needed.

 

Question:

Is the data encrypted?

Answer:

We encrypt all data during transmission and at rest. Therefore, in the event our database is compromised, all the data is encrypted.

 

Question:

Do you have subprocessors that handle our data?

Answer:

We have a list of subprocessors publicly available on our website.

We have signed DPAs (data protection addendum) with all of these vendors. They are being held to the same standards as we are held to under the GDPR and Privacy Shield certification.

 

Question:

What controls are in place to prevent Hubstaff employees or subcontractors from transmitting confidential data?

Answer:

All of our team members signed a legal document during their training that holds them personally liable for any such actions. We would prosecute them to the fullest extent of the law if this ever occurred.

 

Hubstaff has appointed a data protection officer (DPO). You may contact Hubstaff’s DPO Jared Brown at jared@hubstaff.com.

Our EU representative may be reached by contacting:

Maetzler Rechtsanwalts GmbH & Co KG,
Attorneys at Law,
c/o Netsoft Holdings, LLC,
Schellinggasse 3/10, 1010 Vienna, Austria

Please add the following subject to all correspondence:
GDPR-REP ID: 19160560

  • Was this Helpful ?
  • Yes   No
  • Was this Helpful ?
  • Yes   No