Remote is delivering various services to clients such as Employment Services (EOR), Human Resource Information Services (HRIS), Contractor Management, Global Payroll, Freelancer hub, Remote Talent. The business portfolio of Remote is emerging and in this context its data protection responsibilities also evolve.
The Remote corporate group is made up of a number of legal entities which we use as infrastructure to provide our services. However, for data protection purposes the entities in control of all personal data processed in connection with our platform and services are Remote Europe Holding, B.V. and Remote Technology Services, Inc.
Under Remote’s Terms of Service, clients with an account address outside the United States are entering into separate legally binding agreement(s) with Remote Europe Holding B.V. and its affiliates (“Remote”) in the countries where the relevant employees are. Remote Europe Holding B.V. is subject to GDPR and is obligated to comply with the requirements of GDPR when processing personal data. In this context, the entire Remote corporate group adheres to the GDPR. Clients with an account address in the United States are entering into separate legally binding agreement(s) with Remote Technology Services, Inc. and its affiliates.
Remote as controller
When delivering Employment Services (EOR), Remote employs individuals to provide their services to a client. These individuals are employed by Remote entities around the world and the employees are subject to the applicable national labor and data protection laws. In order to fully comply with all applicable national regulations as an employer, Remote is obliged to process personal data of the employees. The processed personal data consist of employment data and data related to the employment relationship between Remote and the employee.
On these grounds, Remote processes personal data of the hired employees providing their services to clients as an independent controller under the GDPR. Remote is not a processor under the GDPR regarding personal data of hired employees providing their services to clients. Based on the legal obligations of Remote as an employer, under GDPR Remote is processing the personal data of the hired employees by determining the purposes and means of processing. Such processing is always executed by a controller as an exception to any processor role according to GDPR.
For our Employment Services (EOR), Remote does not enter into data processing agreements (DPAs) with clients under art. 28 GDPR based on the explanation provided. Our Terms of Service include a special schedule that details the GDPR role and responsibilities of Remote in terms of our Employment Services (EOR).
Remote Talent and Freelancer Hub services are delivered by Remote directly to individuals - job seekers and freelance contractors. Remote is acting as controller under GDPR regarding the personal data of Remote Talent users and contractors using Freelancer Hub. Clients listing jobs on Remote Talent are responsible for the processing of personal data of the job applicants presented by Remote Talent. Remote Talent users and contractors using Freelancer Hub need to comply with Remote’s Terms of Use and are informed about Remote’s Privacy policy.
Remote as processor
Delivering Human Resource Information Services (HRIS), Contractor Management and Global Payroll to clients is where Remote acts as processor under the GDPR. The data relevant to this role is added on our platform by the clients’ direct employees, assigned employees and contractors. In contrast with freelance contractors using Freelancer Hub, contractors invited by our clients have their personal data processed by Remote on behalf of the client. The invited contractors have a Freelancer Hub account as well. Remote processes the personal data attached to both types of contractors accounts in a separate manner on separate grounds.
Given our processor role for some of our services, we have incorporated the mandatory controller to processor contractual language to our Terms of Service. The schedules to the DPA in the terms set out the details of processing in respect of each service we offer Based on the processor role under GDPR, Remote has implemented DPAs within the Remote Terms of Service for the HRIS, Contractor management and Global payroll. These DPAs are in compliance with art. 28 GDPR and are included as schedules of the Terms of Service.
Comments
0 comments
Article is closed for comments.