Data retention policy
How long your team’s data is retained varies between free and paid plans. The ranges listed below are equivalent to the full period of historic data (rather than a rolling amount). In other words, a user’s screenshots from the month of June will be available until the end of July on the free plans (1 full month of data).
The benefit of this is that it allows you to view complete periods of time (e.g. a month from the start to the end) rather than periods that change each day. In a rolling monthly period, on July 10th you would only have access to data back to June 10th.
See comparison chart here: https://support.hubstaff.com/data-retention-comparison/ Data archiving and removal policy
If you are an owner of a Hubstaff organization, and/or owner of a Hubstaff Talent Agency, and/or an owner of a Hubstaff Tasks organization. Please, send a personal data deletion request to support@hubstaff.com.
If you are a member of a Hubstaff organization, and/or a member of a Hubstaff Talent Agency, and/or a member of Hubstaff Tasks organization, you have to contact the owner of your organization or agency and ask them to contact Hubstaff’s Support Team with the permission to delete your data.
Hubstaff’s Support Team will check your case and act accordingly.
You will be informed if your request will be processed or you will get an explanation about why it is declined. Once your request is accepted for the deletion, it will take around 5-7 business days to complete. You will receive a confirmation when the deletion is processed.
Data storage policy
QUESTION:
How do I file a request to delete my data?
ANSWER:
If you are an owner of a Hubstaff organization, and/or owner of a Hubstaff Talent Agency, and/or an owner of a Hubstaff Tasks organization. Please, send a personal data deletion request to support@hubstaff.com.
If you are a member of a Hubstaff organization, and/or a member of a Hubstaff Talent Agency, and/or a member of Hubstaff Tasks organization, you have to contact the owner of your organization or agency and ask them to contact Hubstaff’s Support Team with the permission to delete your data.
Hubstaff’s Support Team will check your case and act accordingly.
You will be informed if your request will be processed or you will get explanations about why it is declined. Once your request is accepted for the deletion, it will take around 5-7 business days to complete. You will receive a confirmation when the deletion is processed.
QUESTION:
I’m a member of an organization that uses Hubstaff. Who is considered to be the Data Controller in this case: my organization or Hubstaff?
ANSWER:
Your organization and its owner(s) are considered to be the Data Controller. This means that the Data Controller, once it receives the data deletion request, has to give Hubstaff an order and permit such data deletion. Hubstaff cannot delete your data without the Data Controller’s permission.
QUESTION:
I’m a member of an organization that happens to be not GDPR compliant, and they refuse to delete my data as per my request. Can Hubstaff still delete my data because Hubstaff is GDPR compliant?
ANSWER:
Since Hubstaff is GDPR compliant, according to the law we consider any organization and its owner(s) to be the Data Controller. Even if such an organization is not GDPR compliant itself, we cannot delete your data without their permission.
QUESTION:
Is Hubstaff allowed to release information from our account?
ANSWER:
No. All Hubstaff employees are knowledgeable, trained, and are required to handle sensitive data such as PII (Personally Identifiable Information) in compliance with the DPA (Data Processing Addendum).
We treat data handling with the utmost care and control who has access to it by implementing two levels of permissions (administrator and super administrator).
QUESTION:
Who can access and view data within Hubstaff?
ANSWER:
The data is only accessed directly when we’re working with you on a support ticket or diagnosing an error that our code generated (which is shared internally). In these specific cases, our support team and/or a few developers may need access to your data. Our team is trained to handle sensitive information.
Data is encrypted during transmission and at rest, however, if we need to troubleshoot a support issue or debug a server error we would need to decrypt the data to view it and access it when needed.
QUESTION:
Is the data encrypted?
ANSWER:
We encrypt all data during transmission and at rest. Therefore, in the event our database is compromised, all the data is encrypted.
QUESTION:
Do you have subprocessors that handle our data?
ANSWER:
We have a list of subprocessors publicly available on our website.
We have signed DPAs (data protection addendum) with all of these vendors. They are being held to the same standards as we are held to under the GDPR and Privacy Shield certification.
QUESTION:
What is Hubstaff’s role according to the GDPR law?
ANSWER:
Unless specifically agreed in writing by the parties, Hubstaff is the Data Processor. Please, read more about the (other) parties’ roles in the DPA that you can download at the beginning of the article.
QUESTION:
How long does Hubstaff keep activity data?
ANSWER:
How long the activity data is retained varies between free and paid plans. Learn more about Data Retention Comparison.
App/service has sub-processors
no