Attendance Clocking and Personal Data Security
Any attendance clocking system will invariably contain certain kinds of personal data about your workforce. In the context of a Cloud Attend Time & Attendance System this will include employee data stored in the Cloud Software, employee names stored in the Clocking Terminal, and – in the case of our biometric clocking systems – the biometric data of employees. Read on for an overview of how Cloud Attend T&A Systems use and store personal data.
Personal data and the Cloud Attend Software
All data is entered into the Cloud Attend Software by you, and should be factored into your internal data security policies. During normal operation the Cloud Attend Software may hold some, but not necessarily all, of the following information about your staff members:
-
First and last name
-
Group/Department within your organisation
-
Shift and overtime information
-
Basic rate of pay
-
Contracted hours
-
Holiday entitlement
-
Payroll number
-
Start / finish date
-
Actual and amended hours worked
-
Total pay
-
Holidays, sickness, and lateness
It is up to you to determine who within your organisation will have access to the Cloud Attend Software. The software can be password protected, and can also be configured with tiered user profiles in order to restrict certain users from accessing unnecessary information. Back-end databases containing employee information are also password protected. The system is hosted by AWS and has the highest security available including two factor authentication.
Personal data and the Cloud Attend clocking terminal
All data is entered into the clocking terminal by you, and should be factored into your internal data security policies. During normal operation the clocking terminal may hold some, but not necessarily all, of the following information about your staff members:
-
First and last name
-
ID number
-
Unprocessed clocking records, with each employee’s specific clocking records identifiable by their associated ID.
-
Templates derived from facial profiles, templates are generated using a secure mathematical algorithm, and cannot be reverse engineered.
It is up to you to determine who will have access to the data stored in the Clocking Terminal. Access is restricted through use of an Admin.
Biometric data
Biometric data, is captured by the clocking terminal via an enrolment process to create a biometric template based on points of interest. For a face, they might be the distance between the eyes or the shape of the mouth. The biometric template is stored within the clocking terminal as a mathematical algorithm which the terminal can reference in order to determine whether the biometric templates derived from future clocking's are from the same face.
The enrolment process is only used to create these biometric templates, It’s helpful to think of the face like a map, with the characteristic points as co-ordinates. In the same way that co-ordinates alone will not give you an image of the map itself, characteristic points of a specific face do not give you the full image.
Facial algorithms are uploaded from the clocking terminal onto our AWS server for backups and transfers between terminals, but there is no way to process, manipulate, or reverse engineer these algorithms from the file.
If an employee leaves the organisation the data is deleted automatically in line with the GDPR policy configured within the app - usually a set period after the employee has left the company.
This article is for informational purposes only, and does not constitute legal advice. It is important to conduct your own assessment of the employee data you intend to hold within the Cloud Attend system, how this pertains to the rights of individual employees, and your lawful basis for holding such information under applicable legislation.
Enrolment Process
Clocking Process