General Data Protection Regulation (GDPR) compliance at Welbee
Effective from May 25th 2018.
How data is collected, processed, retained, and stored.
The General Data Protection Regulation (GDPR) provides a single set of rules to protect European citizens.
Welbee is committed to complying with GDPR and ensuring the security and privacy of our customers data and information.
Welbee collects data in four areas; employee information, customer information, including details of their staff and employees, other collected information and information given to us by other sources.
- Employees provide information when they complete a survey
- Employers provide information about their employees such as their start date, date of birth, department or job role, whether they work part or full time, etc. They also provide their work e-mail address so we can send invitations to allow them to complete a survey.
- Welbee may also automatically collect information when a school registers to use the Welbee platform, when we administer the system on behalf of a client school, and to ensure the right access is given to users.
- Welbee also collects aggregate and summary information relating to employee engagement and wellbeing from freely available resources.
How Welbee uses data
Information provided by employers and employees is used to analyse and report on surveys carried out by client schools. Information is summarised and aggregated with that of all employees and employers. It may be compared with benchmarks and with past or future data.
Information will never be used to identify individuals. All survey responses are anonymous and there is no requirement for employees to complete Welbee surveys.
Welbee shares product information with clients and users, including new features and benefits. We ask clients to share feedback on how we might improve our products and services and may also use information to effectively manage any questions or complaints.
How Welbee retains your data
Welbee will store school data for as long as the school remains a client. In the event that your school stops using Welbee we will not maintain data, unless it is anonymous beyond a further period of 12 months.
In addition any employee has the right to request to see the data we hold about them and to erase it. As a first step you should ask your employer to make this request on your behalf.
All users also have the right not to undertake any survey where they are invited to participate.
Where is Welbee Data Stored and How is it Protected
Welbee follows a rigorous development process which places the security of personal information at its core. Our website and application are hosted using a GDPR compliant cloud data provider in the UK. All of our services run over HTTPS using TLS, ensuring data transmitted between the application/website and our servers is secure.
We ensure the network environment in which the application/website is hosted is kept secure by following best practices and ensuring that security updates are applied as needed. We take appropriate measures to mitigate against data loss or destruction, accidents, alteration, disclosure or unauthorised access to personal data.
Data is backed up appropriately, encrypted and stored confidentially. We have a recovery plan in place and maintain the integrity of our IT infrastructure through regular evaluation and testing.
If you have any questions about GDPR and Welbee, please contact us at firstname.lastname@example.org