How PARiM Unscrambles GDPR for You
From the very start, PARiM has been built with GDPR compliance and its principles at the very core of the system. For example, every deletion is permanent - meaning we do not keep data after you have chosen to delete it. So compliance with GDPR is pretty straightforward for PARiM as a data processor.
With GDPR, the key challenge for us is to make your organisation's responsibilities as a data processor and your staffs' options as data controllers, as easy as possible.
First Steps
Limit access to data. We advise you to use our flexible role-based system to limit who can see what information to avoid issues with the data processing before they arise. Every organisation is different, so we can’t really give a ready-made blueprint, but our support team stands ready to help you make the most of our toolset after you have come up with a structured plan.
Take control of data. PARiM gives users a rare degree of control over their data. This differentiates us, not only from our competitors but also from most other business software. On the System Settings page of our solution, you can find a host of options meant to give you the power to manage, show and process data as you want to.
The Basics
Approve new Data & Privacy settings. On the 25th of May, we will launch a new version that includes the fields required by GDPR such as designating a Data Protector Officer, that you need to fill in when accepting PARiM's Data Processing Terms. Alongside the new release, we will be sending our updated Privacy Policy. The gist of these documents is explained on our security page.
Use the new Data & Privacy Settings We will provide you with functionality that lets you upload your own in-house company policy that each of your employees will have to approve. There will be a box to tick in the Staff Portal, which when filled gives you permission to process their personal details.
The Details
Choose what to store. PARiM gives you the freedom to choose the sensitive data you want to collect about your employees. You can opt not to store:
Emergency contacts
Previous employment records
Education
Qualifications
Trainings
Language skills
Health details
Health conditions
Appearance
Gender
Ethnicity
Tell your staff how they can delete their data. A visible linked will be added to each and every staff member's profile page which will allow them to request that their data is to be deleted from the system. All such requests will be displayed to supervisors on their Dashboards under the Action Required list, with a RED BAR.
Additionally, an unsubscribe link will be added in the footer of all e-mail communications with an explanation why staff members are receiving these specific messages and how they can opt-out.