Archive RSS
Blog  »  May 2018
30
May 18

Posted by
Jennie Hussey

GDPR FAQ's Answered!

Is the emailing of payslips permissible under GDPR?
There is nothing in the GDPR that states it is no longer permissible to email payslips, this practice is still very much acceptable. The thing to keep in mind in relation to emailing payslips is to ensure that all appropriate security measures are in place. The payslips that are emailed from BrightPay are encrypted and deleted from our servers once sent, however it may also be prudent of a processor of the payroll to password protect the payslips also. It will be the responsibility of the Data controllers (employers) to be vigilant that correct email addresses are inputted.

Can I still use my hard-earned mailing lists after May 25th?
Not automatically - the GDPR states that to be able to ‘Lawfully Process’ personal data you must be able to fall into at least 1 of the 6 processing classifications, the first one being Consent. Consent must be:
• Specific, informed, unambiguous, and freely given – there must be evidence that clear affirmative action has been given.
• Must be for a specified purpose
• Where consent is obtained as part of a larger document covering other things, consent text must be clearly distinguished from everything else
• Evidence needs to be retained as to how the consent was obtained. For example; forms, brochures signage, website screenshots.
• Language must be accessible and easily understood.
• Have a clear and seamless opt-Out process in place.
If you have mailing lists that you’ve used pre GDPR you will not be able to continue using them if you haven’t got specific approval or consent from the individuals.

Do we need to ask for consent from our employees to process their data?

No, as the reliance for processing and retaining their data will be down to lawful processing because of the employer’s legal obligation to deduct taxes etc. and also down to the contractual agreement in place to pay them and pay forward the taxes owed on their behalf. And also to the nature of the relationship between the employer and the employee, the status quo is in the employer’s favour so consent would not be unambiguous or freely given.

More information can be found in the GDPR section of our online support documentation on our website - Bright Contracts UK - GDPR

To book a free online demo of Bright Contracts click here.
To download your free trial of Bright Contracts click here.


BrightPay - Payroll and Auto Enrolment Software
Bright Contracts - Employment Contracts and Handbooks

Posted in Company handbook, Contract of employment, Employee Contracts, Employee Handbook, Employee Records, GDPR, General Data Protection Regulation

22
May 18

Posted by
Laura Murphy

Do employers need to amend employees' contracts to comply with the GDPR?

No, it is not necessary for employers to amend the contracts of existing employees to comply with the General Data Protection Regulation (GDPR). However if your employment contract includes a data protection clause it will need to be revised for any new contracts created. 

For existing employees, employers should issue a new privacy notice to, providing information on the processing of their personal data, which would override any invalid data protection clauses in the contract. The GDPR specifies the information that the employer must provide in the employee privacy policy. The information includes the purposes for which the employer will process the employee's personal data, the legal bases for the processing, information about the retention period and information about the employee's rights as a data subject.

What has Bright Contracts done?

  • Updated employment contract: whilst not necessary to update existing employees’ contracts, we have updated the Data Protection contract clause for all new contracts created in Bright Contract.
  • Employee Privacy Policy: a new Employee Privacy Policy will be made available to all Bright Contracts customers. The new policy contains all the specific information required under GDPR.
  • Data Protection Policy: the handbook Data Protection Policy has been updated and should also be communicated to employees.

 

BrightPay

The new standard in payroll software, now available for employers in the UK and Ireland.

UK Website  Ireland Website

Bright Contracts

Create tailored professional employment contracts and staff handbooks. Available for employers in the UK and Ireland.

UK Website  Ireland Website