The GDPR prescribes a number of rights for data subjects, and as a data controller, you must be aware of these rights as you are obliged to comply with them.
This article provides an overview of how you as a data controller can ensure compliance with these rights in connection with the use of CleanManager.
We have also gathered a lot of information about GDPR on our website CleanManager.
Duty of disclosure and right to ongoing insight
Your customers and employees can be granted access to CleanManager. This allows them to access the data registered about them in the system at any time.
We also recommend that you inform customers and employees in their contracts about which personal data you have registered and for what purpose.
Right to rectification of data
Should you receive a request from a data subject (employee or customer) that data is incorrect, you have the opportunity to immediately edit the data in question via the employee and customer directory.
Right to have data deleted
As a data subject, you have the right to have data deleted if there is no legal purpose for storing the data. However, as long as you have a contract with the employee or customer, you will often be allowed to keep simple information about the person, such as contact details. Similarly, the Danish Bookkeeping Act requires data to be kept for 5 years, so an employee or customer cannot necessarily demand that data be deleted even after the end of a contract.
If you want to delete data registered on a customer or employee, we recommend anonymising the data by changing the name and other master data to Anonymous or similar in the employee or customer directory. This way you still have the ability to pull historical hourly statistics etc. without storing personal data.
Right to object
In continuation of the above point, a data subject has the right to object to the processing of data. Always make sure you have a lawful basis for processing when entering data. See more on our website CleanManager.
Right to obtain data
A data subject has the right to obtain data to ensure data portability (i.e. that data could be moved to another system). If you receive such a request, please contact our support via firstname.lastname@example.org and we will help you handle the request.