GDPR & Intasite - How We Use Your Data
GDPR seemingly sent the world into meltdown throughout 2018. Affecting businesses and employers across all industries, GDPR (a new General Data Protection Regulation) was introduced across the EU on the 25th May 2018. GDPR was introduced to replace the existing Data Protection Directive (95/46/EC).
This is especially important if your role involves collecting and managing the personal details of visitors, contractors or employees.
With so much confusion and uncertainty surrounding GDPR. Let us tell you about how Intasite complies with GDPR – and give you a bit more information about what GDPR is.
Why Is GDPR Coming Into Effect?
The purpose of GDPR is to strengthen and unify data protection for individuals within the EU and simplify the regulatory environment for international businesses (operating inside the EU whether based inside or outside) by unifying the regulation.
Who Does GDPR Apply To?
GDPR only applies to data kept about individuals, not companies. The aim is to give individuals a right to privacy and protect them from unwanted marketing, as well as to ensure personal information is not being held by organisations without their consent.
How Intasite uses/manages your inductees’ data
What Data Intasite Collects
As standard, the Intasite platform collects the following data about contractors, visitors, employees, or anyone who carries out an induction through our system:
- Email address OR mobile number
- First Name
- Last Name
- Password
Dependent upon the needs of the business, we have the facility to capture more information – if the business has a need for it. Additional data may include qualifications, licenses or certificates held. Personal data such as date of birth, address and contact details can also be captured if necessary.
Why We Store This Data
The data we hold serves two purposes. It allows users to log into the Intasite platform and complete their induction programme.
Secondly, it allows clients (the organisation using Intasite) to validate a user at the gate, providing they have completed their induction. This data is also accessible for the client, to issue reminders for renewals for inductions, or alert them to new courses and material that needs to be completed.
When We Delete User’s Data
We delete data in accordance to the needs of our clients. On average, clients typically hold data on their inductees for 3 years. However, we adhere to the specific needs of clients and are flexible in our approach to the storage and deletion of data.
We delete backups of data after 30 days.
How we keep it secure
All of the data collected by Intasite is stored on servers protected by firewalls and personal data is encrypted.
All data is encrypted during transmission and backed up daily offsite for disaster recovery.
Convenience of Data Collection
The Intasite platform removes the data collection process from the client, freeing up their times & resources to be used more effectively and efficiently elsewhere in the business.
Our platform covers everything on behalf of the client including:
- Collecting individuals data
- Stored securely
- Data backups
- Data is searchable by the client to find individual records
Any client using Intasite does not have to worry about handling, or protecting data, as we do it all safely and securely.
Our partners are all GDPR compliant
We work in partnership with a number of partners to ensure Intasite delivers the best experience and service possible. We select who we collaborate with carefully and only work with those who are GDPR compliant.
Confidence
No matter what industry you work in, or what level risk of site you operate, Intasite can help streamline your induction process.
Our online induction software reduces the admin time and costs associated with traditional induction programmes. Being fully GDPR compliant means you can feel confident that your workers and visitor’s data are in safe hands.