In order to follow our daily processes and tasks for our customers, we may need access to different pieces of information on your system. This article explains what access each team requires and why.
Company data
This is information about your company, including who your administrators are. We use this data for billing and managing your subscription.
Your account managers and our support team have access to this. We typically need to access this data to send you invoices and check your subscription details.
Employee data
This is your HR data including all employee records, absence information, salary and bank details, and documents.
Employee data is stored and transmitted encrypted. Our support team only have unencrypted access to this data if you grant access to them using the grant access option in PeopleHR. Access is revoked automatically after 30 days or you can revoke manually.
Security measures
We're an ISO27001 certified company and we're audited on how we access our live platforms, including logging onto production servers. Our senior engineers log onto our live servers to:
Manage the system.
Deploy new releases.
Access to our servers is locked down to our office IP addresses. Multi-factor authentication controls this and logs in immutable log files.
Our senior engineers do have the ability to access your data subject to the CTO's approval.