Security and Privacy within the Platform

This statement may be updated from time to time. Therefore, please make sure to consult this statement regularly to be aware of the most current version.

Contents:

Security • Privacy • Personal data

The security of the data we have from you and the data you process with ClockAssist is our top priority.

What does 'top priority' mean then? It means that we take appropriate measures to ensure that no one can access your data without authorization. We also require our partners and suppliers to take appropriate measures.

Below, we will explain the measures and methods we use and how your privacy is managed at ClockAssist. We would also like to explain some concepts that we use in this statement:

'user': someone who has their own login credentials for ClockAssist and processes data with it
'admin': a designated user who can receive daily overviews when other users submit their day
'system administrator/IT staff': an employee of an organization that works with ClockAssist and is responsible for the correct installation of the software
'submitting a daily overview': clicking the Submit button by a user who has checked and, if necessary, adjusted their own daily overview, and where the user understands that after clicking the Submit button, the data from the daily overview will be visible to the respective admin within the organization where the user is employed
'the software': the ClockAssist platform, which can be used on the computer itself, online, and on the mobile phone

Security

Hosting and Server Management

ClockAssist uses managed hosting on its own servers managed in a data center in Amsterdam. The following certifications and accreditations apply:

ISO 27001
PCI DSS
SOC1
HIPAA
NEN 7510

All connections to the server are encrypted in transit. The data processed in ClockAssist is securely stored in a data center in Amsterdam. Data from ClockAssist is not stored or processed outside the European Union and the European Economic Area.

Password Management and 2FA

ClockAssist does not store user passwords in plain text. We only store password hashes that are not decipherable, and we encrypt them with Bcrypt.

In addition to the measures we take to secure your data and account, it is advisable to choose a strong password (the longer the password, the more secure it is) when logging in and to set up two-factor authentication (2FA). Without your mobile phone, you cannot log in to your account.

Availability

ClockAssist has an uptime of 99.9%. This means that the software rarely has a malfunction or is otherwise unavailable. In the event of a malfunction, our Development department is automatically notified, and we do everything we can to make the platform available again.

Privacy

For the privacy statement that applies to our website and the cookie policy we use, please refer to the page Privacy Statement and Cookie Policy.

Privacy by Design

The privacy you have within ClockAssist is of the utmost importance to us. ClockAssist has been developed according to the concept of privacy by design. This means that by definition, all data of a user can only be viewed by that user until the user gives permission to share certain data.

User Privacy

ClockAssist recognizes and records activity on your computer or phone. We are aware that passing on this data to someone other than yourself (whether it's a colleague, an application, or processing in a report that can be traced back to the user) is not ethical. We believe that this should not be allowed. That is why we have chosen to develop the software in such a way that the user has all the freedom to:

first view it themselves,
first make adjustments themselves,
first supplement it themselves, and
submit it themselves and thereby make the data visible to the respective admin within the organization.

In summary, we can say the following about your privacy within ClockAssist:

other users cannot see your data unless you have submitted your day (then the respective admin can see your daily overview)
you can always check, adjust, and supplement your daily overview yourself without another user knowing or seeing
reports are always organization-wide and can never be traced back to a specific user (ClockAssist is not responsible if information from a report is traceable to a specific user if that user is the only one within the organization who, in their function, has to be involved in a specific activity)

Processing of Personal Data

Data We Process

ClockAssist does not process any personal data other than an email address, first and last name, and a business phone number. These data are only used for the proper functioning of the software, namely for logging in and linking the correct logs to the correct user.

We also use the email address to send you product-related information, such as instructions and tips for using ClockAssist. You can always unsubscribe from these emails.

Because you also process customer data with our software, we are obliged to enter into a processing agreement with all our customers. Within the software, you will find the option to read, sign, and download this agreement.

We do not process any special personal data.

Transfer of Personal Data

ClockAssist does not transfer personal data to third parties. We also do not process or store data outside the European Economic Area. However, we use applications that allow us to communicate with our customers and store customer information.

These applications are:

Intercom: customer communication, chatbot, CRM functionality
Mailgun: email communication with customers, such as password resets

These applications are of an international nature. According to the European Commission, the destination country provides an adequate level of protection or is certified under the EU-US Privacy Shield.

Retention Period of Personal Data

ClockAssist never retains your personal data longer than necessary, unless the law justifies or requires a longer retention period. By 'necessary,' we mean that we can guarantee the proper functioning of the software.

Your Rights

You always have the right to access the personal data we hold about you.

In addition, you have the right to rectify, complete, or update your personal data. You must make these changes yourself in your own account. You are responsible for ensuring that this data is always accurate.

You have the right to withdraw your consent for the processing of your personal data. By doing so, you also agree not to use ClockAssist anymore.

You also have the right to request your personal data and receive it in a commonly used format.

You can exercise your rights by sending an email to info@clockassist.com. We will comply with your request as soon as possible, but in any case within four weeks. To fulfill your request, we need confirmation of your identity. Therefore, always include a copy of your identification.

Start now - it's free

Start now - 1.000+ active users

Looking to buy for a team?

Our team is ready to help you

	+31 10 - 34 00 433
	support@clockassist.com
	Maassluis, Netherlands

Chat with us Plan a demo