Implementing a time tracking system requires collecting personal data from employees. This triggers the General Data Protection Regulation (GDPR) and the Organic Law on Data Protection (LOPDGDD). The usual point of tension: the company wants reliability in time tracking, while the GDPR demands data minimization. And between those two things, a salesperson sometimes steps in, selling you fingerprint or facial recognition as a solution without telling you about the mess behind it. What follows: which data is legal, which is restricted, and where the real limits lie.
← Back to Resources
Boletín · Legal
GDPR applied to time tracking: what data you can record and what is prohibited
What data a company can collect in the time record according to the GDPR and the AEPD: mandatory minimum data, restricted biometrics, and what to do if you use geolocation.
May 21, 20268 min de lectura read
Reseñas
…