- What this agreement is about
- This agreement describes how The User may use Bright HR and is made up of the terms and conditions to which The User is subject.
- In this agreement, where this document says “Bright HR” it mean the [on-line human resources software – www.brighthr.com]or (such other URL as The Provider may notify to The User from time) together with the Services.
- Who this agreement is between
- This agreement is between The User, (the person or organisation authorised to use Bright HR) and Bright HR Ltd (The Provider) company registration number 9283467, VAT number GB 927524217, and whose registered office is situated at The Peninsula, Victoria Place, Manchester, M4 4FB) if The User subscribes to Bright HR in the United Kingdom.
- By entering into this agreement, both the User and the Provider agree to be bound by its terms.
- How The User accepts this agreement, and when this agreement starts
- The User accepts the terms and conditions of this agreement, which will commence from the earliest date upon which it either ticks a box or clicks on a button to confirm that it accepts this agreement when Bright HR asks it to.
- This agreement will continue until terminated in accordance with clause 17 below.
- If The User chooses not to accept these terms and conditions and therefore not to enter into this agreement, it should contact The Provider and should not use Bright HR or any of the Services.
- The User’s rights to use Bright HR and its obligations
- If The User accepts this agreement and pays the relevant subscription fees, The Provider gives to The User the right to use Bright HR in the way described in this agreement. The User must not use Bright HR in any other way.
- The User shall only use Bright HR for its internal business purposes and only to input its own information into Bright HR, manage its information and for its employees to enter their own information.
- All rights of ownership of the information The User inputs into Bright HR remain its property but its access to this information is dependent upon it complying with these terms and conditions and the applicable subscription fee being paid in full. The Provider will take all technical and appropriate security measures to protect the information from loss or damage; however, The User must keep copies of any information inputted into Bright HR (or generated by it) as The Provider cannot guarantee that The User’s information will not be lost or damaged.
- The User cannot transfer its subscription to use Bright HR (or any of the Services) to any other person or organisation.
- The User must comply with all applicable laws and legislation in respect to The User’s use of Bright HR and The User must ensure that the content of any data it inputs into Bright HR does not and will not result in any injury, damage or harm to us or any third party (including, without limitation, defamation or breach of confidentiality) and the content does not contain anything which is unlawful, obscene, indecent or immoral or promotes illegal or unlawful activities.
- The User acknowledges that although Bright HR is related to a group of companies whose core business is offering professional advice that Bright HR is not a substitute for seeking any employment law advice.
- The User may purchase or subscribe to third party complimentary products or software services that integrate or work with Bright HR (“Additional Services”). It is The User’s responsibility to decide whether or not to access and use Additional Services and if The User chooses to do so it must agree to the separate applicable terms and conditions presented to it by Bright HR or the third party for those Additional Services. If there is a conflict between any of the terms of this agreement and the Additional Services terms, the Additional Services terms will apply in relation to The User’s use of the Additional Service in question. The Provider is not responsible for any issue with any third-party technology, information and/or services and will not be liable for those issues. The Provider may withdraw access to such third party technology, information or services via Bright HR at any time and without notifying The User.
- The User shall make clear to every licensee of Your Software that it belongs to you and that you are not our agent, partner or authorised representative and that no legal relationship, whether contractual or otherwise, exists between that licensee and us and that we do not accept any responsibility for any defects in the Your Software or documentation licensed by you.
- Setting up a Bright HR account
- The Provider will give The User its sign-in details and password(s) to enable it to use Bright HR (the “sign-in information”) as soon as The User has registered with The Provider. The Provider will provide registration log in details if The User signs up to a specified free trial for the period and there will be no obligation to subscribe and pay for the solution once the free trial period terminates. On free trial termination if there has been no subscription set up to purchase Bright HR then access to the software will cease.
Free Trial means a limited right for The User to use the Services free from any payment obligation, from the date of registration until 30 days thereafter (unless otherwise specified and agreed with BrightHR). If at the end of a Free Trial, it does not wish to purchase the Services from The Provider, the trial will automatically expire and The User will no longer have access to the system.
- Following registration and any specified free trial period, The Provider will provide access to Bright HR until either The User or The Provider end this agreement in one of the ways set out in clause 16. If at any time The Provider charges The User an incorrect price, The Provider reserves the right to rectify its invoice and claim payment from The User for the correct amount which The User agrees to pay.
- The User may increase the subscription fee for Bright HR at any time by adding more employees on to the system which will automatically increase the subscription and take effect from The User’s next payment date.
- If The User is a recognised partner of Bright HR, its customers will be provided with log – in details to Bright HR and be covered by terms 5.1 in this agreement.
- Use of Bright HR
- The User is solely responsible for obtaining and maintaining its internet and network connections and any associated problems are its responsibility.
- The Provider will take reasonable steps to make sure that Bright HR is free from viruses but it cannot guarantee this. The Provider recommends that The User uses its own virus-protection software as The Provider will not be responsible for any loss or damage caused by any viruses or other harmful technology that may infect The User’s computer systems, data or other material owned by it.
- The Provider cannot guarantee that Bright HR will be compatible with The User’s web browser or computer set-up or that The User’s access to Bright HR will be uninterrupted or error free (this may be beyond The Provider’s control).
- The User is responsible for controlling who can access its Bright HR account. The Provider advises that The User does not allow anyone else to use its sign in information and that The User changes its password at regular intervals.
- From time to time The Provider may temporarily suspend access to Bright HR, for maintenance, repairs or other reasons. The Provider will try to do this outside normal business hours and provide notice in advance but this might not always be possible.
- Adding Services to The User’s Bright HR Account
- To add additional Services to Bright HR, The User must pay the applicable subscription fee for each additional Service in accordance with the terms and conditions of this agreement.
- The User can add Services [via its Bright HR customer account portal]. If The User wishes to add more Services to its Bright HR account but experiences difficulty, The User must contact The Provider and must forthwith cease the addition of such additional services until the Provider has successfully cured the difficulty. When adding a Service to its Bright HR account the applicable monthly subscription fee payable for each Service(s) will be amended to reflect such additional service(s). To discuss any additional Services The User must contact The Provider via email, telephone or web chat.
- Monthly Subscription Fees
- The User acknowledges and agrees that there is a monthly subscription fee of £2 per employee payable for Bright HR and for each additional employee or Service The User adds to its Bright HR account. The User agrees that, unless The Provider has The User’s payment details registered with them, which are up to date, it will not be able to use Bright HR or any of the Services (unless The Provider has specified to the contrary). The User agrees to increase or decrease its subscription billing amount dependant on how many employees it adds or removes from its system and acknowledges that it will receive a monthly billing amount that totals the number of employees it had on its system within the previous billing period.
- The User will ensure that all subscription payments are made to The Provider by debit or credit card (unless The Provider agree to another payment method) in the currency The Provider specifies, together with any applicable VAT (or other sales tax) which The Provider shall add at the prevailing rate to the subscription fee payable by The User.
- VAT is payable in addition to the fees set out in the Subscription Fee, which are shown exclusive of VAT.
- What happens if The User is in Default?
- If, at any time, The User is in breach of any term of this agreement or The Provider does not receive subscription payment from it for the use of Bright HR (including, without limitation, any of the Services it has subscribed to receive), without prejudice to any other right or remedy which The Provider may have, The Provider will suspend or limit The User’s use [and any employee self - service use) of Bright HR (including all Services). Bright HR may at its sole discretion offer The User a grace period during the defaulted payment period and has the right to suspend the service at the end of this period if payment has not been made. Bright HR will notify The User of any payment related defaults.
- Any suspension of The User’s use of Bright HR shall continue until such time that the breach in question has been remedied to the Provider’s reasonable satisfaction and/or The Provider have received payment from The User in full. Any failure by The User to remedy a breach of this agreement or to pay any amount due to The Provider shall (without prejudice to any other right or remedy which The Provider may have) entitle it to terminate this agreement in accordance with clause 16 below. Bright HR will notify The User by email of any intention to terminate the agreement.
- Restrictions on The User’s use of Bright HR
- The User hereby agrees as follows:
- The User must not introduce any viruses or harmful technology to Bright HR.
- The User must not try to gain unauthorised access to Bright HR or any underlying technology.
- The User must not try to affect the availability of Bright HR to other registered users (sometimes called ‘a denial-of-service attack’).
- Except as expressly permitted in this agreement, The User must not give anyone else any right (of any kind) to use or benefit from Bright HR in any way or provide Bright HR to others unless others are entitled to use Bright HR within The User’s business and are added to Bright HR as a user of the solution.
- The User must not use Bright HR to develop its own software. Specifically the User must not use or copy all or any part of Bright HR ‘graphical user interface’, ‘operating logic’ or ‘database structure’ for it to be part of, or to develop, any software or other product or technology, unless that use or copying is allowed by law.
- The User must not make any use of the Services which damages or is likely to damage The Provider’s business or reputation, the availability or integrity of Bright HR or which causes or threatens to cause The Provider to incur any legal, tax or regulatory liability.
- The User’s Information, Customer Data and Personal Data Information
The User provides to The Provider (excluding data inputted by The User or on its behalf into Bright HR which The Provider refers to in this agreement as “Customer Data”)
- Provide, manage and administer The User’s use of Bright HR.
- Fulfil The Provider’s contractual obligations under this agreement.
- Liaise with regulators, banks, law enforcement agencies (including the police).
- Contact The User to see if The User would like to take part in The Provider’s customer research.
- Contact The User about other products and services which The Provider thinks The User will be interested in.
- Deliver targeted advertising, marketing (including in-product messaging) or information to The User which may be useful to it, based on its use of Bright HR; and
- The Provider may disclose information to other companies in the Peninsula group of companies, its contractors, and other organisations including, without limitation, The Provider may disclose information to:
- Organisations which The Provider uses to help it send communications;
- Organisations The Provider use to help it provide the software or services (such as hosting providers, where relevant);
- Law enforcement agencies;
- Third parties (if any) used by The Provider to perform its obligations to The User under this agreement; and
- Any other person in order to meet any legal obligations on The Provider, including statutory or regulatory reporting.
- If The User provides The Provider with information which contains personal data The Provider will process and The User agrees and authorises it to process that data in accordance with the Data Protection Act 1998 if The User subscribes for Bright HR in the United Kingdom (“Data Protection Laws”). Where The Provider use the terms “personal data”, “data processor” and “data controller” in this agreement The Provider means as those terms are defined in the Data Protection Laws.
- If at any time The User does not want The Provider to use its personal data, The User must notify it by email using Support@brighthr.com.
- Customer Data
- The User owns its Customer Data and has sole responsibility for the legality, reliability, integrity, accuracy and quality of that Customer Data.
- To the extent personal data is included in any Customer Data The Provider will process that data on The User’s behalf as a data processor. The Provider will only process such personal data in accordance with The User’s instructions (and The User hereby instruct The Provider to take such steps in the processing of personal data on its behalf as are necessary for the provision of Bright HR under this agreement and the performance of The Provider’s obligations under this agreement).
- The Provider will use any Customer Data that The User transfers to it pursuant to this agreement to:
- Provide, manage and administer The User’s use of Bright HR; and
- Fulfil its contractual obligations under this agreement.
- The User warrants and represents that:
- The User will comply with the Data Protection Laws;
- The User is authorised pursuant to the Data Protection Laws to disclose any personal data which The User discloses or otherwise provides to The Provider regarding persons other than itself
- The User will where required under the Data Protection Laws obtain all necessary consents in order for (i) It to disclose the personal data to The Provider; (ii) to enable the Provider to process the personal data for the purposes of providing Bright HR; (iii) to disclose the personal data to those parties set out in clause 11.11 below including where the recipients of the personal data are outside the European Economic Area.
- The Provider warrants and represents that during the term of this agreement The Provider will:
- comply with the Data Protection Laws applicable to The Provider whilst such personal data is in its control;
- (having regard to the state of technological development and the cost of implementing any measures), take appropriate technical and organisational measures against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data, to ensure a level of security appropriate to the harm that might result from such unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected; and
- take reasonable steps to ensure the reliability of its employees who have access to any personal data.
- The User acknowledges and agrees that for the purposes of providing Bright HR under this agreement personal data may be transferred outside the European Economic Area.
- The Provider may, subject to clause 11.7, provide Customer Data that The User transfers to The Provider pursuant to this agreement to:
- The Provider’s agents, service providers and other Group Companies;
- Law enforcement agencies;
- Any other person in order to meet any legal obligations of the Provider, including statutory or regulatory reporting; and
- Any other person who has a legal right to require disclosure of the information.
- During the period of The User’s subscription, The Provider aims to provide The User with 24-hour support 7 days a week through the self-help tools (although there may be times where The Provider is unable to do so for reasons outside its control). The Provider will also provide support by [email] or [telephone] during working hours Monday to Friday between the hours of 8am and 6pm GMT. In the event that The Provider is required to access The User’s system to provide such support the User duly authorises such access.
- The Provider reserves the right to change how it provides support to The User for Bright HR (and if any applicable charges will become payable) by posting a notification on Bright HR or emailing The User with details of the changes. The Provider will aim to give The User as much advance notice as possible of these changes.
- Despite the aim to give The User support for Bright HR and the Services, The Provider will not at any time give The User technical support or other assistance for any hardware, third-party software or other equipment used with Bright HR.
- Intellectual Property Rights
- Although The User has the rights to use Bright HR line as described in clause 4, The User will not own any of the intellectual property rights in Bright HR. The Provider (or the third party from whom The Provider obtains the rights if The Provider is not the owner) will continue to own the intellectual-property rights in Bright HR, including any software The Provider provides to replace all or part of Bright HR. The only rights The User will have to Bright HR are as set out in this agreement.
- The Provider (or our licensors) owns the rights to Bright HR and any related logos. Other owners own the rights in any third-party software and their logos. By allowing The User to use Bright HR, The Provider does not give The User ownership of any of those rights or logos, and the rights The User has to use Bright HR and any third-party software, and any related logos, are as described in this agreement.
- The User undertakes not to use Bright HR’s name or brand in any promotion or marketing or announcement without its prior written consent.
- Obligations of Bright HR
- Whilst The Provider aims to provide uninterrupted use of Bright HR, unfortunately it cannot guarantee this. The Provider will not be responsible for any failure to perform its obligations under this agreement, in the event that it is prevented from providing a continuous service due to circumstances beyond its control. Wherever possible, The Provider will provide an advance warning notification on Bright HR or by email of any known or planned interruptions and The Provider will use its best endeavours to keep any interruption as short as possible.
- The Provider gives no warranties to the User in respect of the following matters:
- That Bright HR will meet The User’s own needs;
- That The User will be able to use Bright HR in any particular way;
- That The User will get particular outputs from Bright HR;
- That the standard of the results The User derives from using Bright HR will meet a particular standard; or
- that, where The User use The Provider’s technical support services, The Provider will be able to correct or remedy The User’s particular problem.
- The User cannot rely on any statement or representation made by any party as to such matters made prior to the signature of this contract in relation to the matters referred to in this clause.
- The Provider agrees that it will use its reasonable skill and care to provide any service to The User under this agreement.
- This clause describes the entirety of the Provider’s obligation relating to Bright HR, and The Provider is not bound by any other contract term, or warranties whatsoever save that in the event that any further terms can be implied against the Provider then The Provider will only be bound by that term or warranty or to the extent prescribed by law.
- Subject to clause 15.4, our total liability in contract, tort (including negligence or breach of statutory duty), misrepresentation, restitution or otherwise arising under or in connection with this agreement will be limited to an amount equal to the total of all fees paid or payable by The User for its subscription to Bright HR in the 1 month period in which the claim arose.
- Subject to clause 12.4, The Provider will not be responsible whether in contract, tort (including negligence or breach of statutory duty), misrepresentation, and restitution or otherwise for any of the following (even if The Provider knew or should have known there was a possibility The User could suffer or incur such loss or damage):
- Loss of profit;
- Loss of business or revenue;
- Depletion of goodwill or similar losses;
- Loss of use or loss of or damage to data/information inputted by The User into Bright HR;
- Any interruption to The User business or damage to information, however that interruption or damage is caused;
- losses The User suffers as a result of using Bright HR other than as described in the relevant documents; and/or
- any loss or damage which The Provider could not have reasonably foreseen at the time The User entered into this agreement including, without limitation any special, indirect or consequential loss or damage.
- Nothing in this agreement will exclude or limit the liability of either The User or the Provider in respect of:
15.2.2. Death of or personal injury to any person as a result of negligence; or
15.4.3. Any other matter which cannot be excluded or limited under applicable law.
- FORCE MAJEURE
Neither party shall be liable for any default arising due to act of God, war, any industrial action including strike and lockout, fire, flood, drought, tempest or other natural disaster, or any other event beyond either party's reasonable control.
- Methods and effects of termination
- The Provider may terminate this agreement immediately if it does not receive The User’s subscription fee or any other fees due to it under this agreement by the relevant due date.
- The Provider may terminate this agreement at any time on giving The User at least 30 days’ notice and if The Provider does so, the it will refund to The User any amounts The User may have paid in advance for the applicable subscription period calculated from the date of termination.
- The User may terminate this agreement at any time by cancelling its subscription in respect of its online account via the product. The Users cancellation is effective from the first bill date after the cancellation. If a User cancels their subscription, The Provider will not be obliged to refund to The User any amounts it may have paid in advance for the applicable subscription period, and The User must immediately pay all sums owed by it to The Provider no later than the date of termination. If The User continues to use Bright HR after the expiry of any subscription period The Provider will be entitled to charge The User for such use at its then current fees.
- If either The User or The Provider discover that there has been a breach of the terms of this agreement by then it can:-
- i) Require the party in breach by notice in writing to rectify it within 30 days of the date of service of such notice.
- ii) If the breach is not rectified within that period to terminate this agreement by giving written notice that this agreement will terminate forthwith.
- If either party shall;
- i). become insolvent or bankrupt or
- ii) have a receiving order or administration order made against it or compound with its creditors, or
- iii) being a corporation commences to be wound up (not being a member’s voluntary winding up for the purposes of reconstruction or amalgamation), or
- iv) carries on its business under an administrator or administrative receiver for the benefit of its creditors or any of them, then the other party shall have the right forthwith by notice in writing to that party or to the administrator, administrative receiver or to the liquidator or to any person in whom the Contract shall have become vested to terminate the Contract.
In the event of the Contract being terminated under this Clause the party giving notice shall have the right by prior notice to the other to enter that other’s premises if appropriate for the sole purpose of removing any item, equipment or materials which is its property and which are clearly marked and identified as such.
The exercise of either party of their rights under this Clause shall not prejudice any of their rights or obligations accrued prior to termination and the provisions referred to in the Clause relating to Termination for Breach as continuing obligations shall apply.
- No matter how this agreement ends, the information The User stores in Bright HR remains The User’s information and The User can access it in a format provided by Bright HR before the end of the agreement. After this agreement ends, the information The User may have stored in Bright HR will be retained for a period of 6 years.
- If any provision of this Agreement is held illegal or unenforceable in a judicial proceeding, such provision shall be severed and shall be inoperative, and, provided that the fundamental terms and conditions of this Agreement remain legal and enforceable, the remainder of this Agreement shall remain operative and binding on the Parties
- If The User or The Provider fail to, or delay in, exercising any rights under this agreement, that will not mean that those rights cannot be exercised in the future.
- This agreement and the documents The Provider refer to above constitute is the entire agreement between The User and The Provider for use of Bright HR, and replaces all documents, information and other communications (whether spoken or written) between them for such use.
- This agreement is personal to The User and may not be transferred, assigned, subcontracted, licensed, charged or otherwise dealt with or disposed of (whether in whole or in part) by The User without The Provider’s prior written consent. The Provider may transfer, assign, subcontract, license, charge or otherwise deal with or dispose of (whether in whole or in part) this agreement at any time without The User’s consent.
- A person who is not a party to this agreement has no right to enforce any term of it.
- Where either party is required to notify the other party by email, the party shall be deemed to have received the email on the first business day following transmission.
- Which laws govern this agreement? If The User subscribes to Bright HR in the United Kingdom, this agreement (and all non-contractual claims and disputes) is governed by the laws of England and Wales and The User and The Provider both agree that the courts of England and Wales shall be the only courts competent to decide disputes in relation to this agreement.
What information do we collect about you?
We collect information about you when you; visit our website; subscribe to our services; apply for employment with us; attend one of our events; and/or engage in business dealings with us.
How will we use the information about you?
When you visit our website, a record of your visit is made. That data is used completely anonymously, in order to determine the number of people who visit our website and the most frequently used sections of the site. This enables us to continually update and refine the site. If you use any forms on the website to send an email to us, a record will also be made of your email address and your telephone number.
We may collect, hold, use and disclose the information collected to compile statistical data and to; maintain our database; develop/improve our website; respond to any email enquiries; notify you of any upcoming marketing, training or other events; provide you with publications; manage quality control; manage systems administration; attend to compliance issues; provide you or your organisation with advice; determine suitability for employment and for other marketing purposes.
We will not use or disclose your personal information for any other purpose which is not related (or in the case of sensitive information, directly related) to the above purposes without your consent, unless otherwise authorised, required or permitted under the laws of England and Wales.
If you no longer wish to receive information about our services, please send an email to email@example.com advising that you do not wish to receive further information.
Will we disclose your data?
Your personal information will only be disclosed to third parties if BrightHR:
Sell or purchase any business or assets it may be the case that we authorise disclosure of selected personal data to prospective sellers or buyers of such business or assets.
If the substantial majority of the assets are sold to a third party. In instances such as this your personal data may be one of the transferred assets.
If BrightHR are required to disclose personal data as a legal obligation to: enforce our Terms and Conditions, protect the property, rights or safety of BrightHR, users of our services or others. In such case information may be exchanged with third party companies or organisations in order to prevent fraud or reduce credit risk
Access to your information and correction requests
You have a right to request access to the information that we hold about you. If you would like to request access to your personal information please email firstname.lastname@example.org or write to our Chief Marketing Officer at Bright HR, The Peninsula, Victoria Place, Manchester, M4 4FB.
A £10 fee will apply for the provision of this information (ordinarily, an electronic print out or photocopy). Identification will also be requested for security.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate or out of date.
This website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate your use of this website and compile reports for us on activity on the website. Google stores the information collected by the cookie on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. By using this website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookes.org or www.allaboutcookies.org
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
How to contact us
Chief Marketing Officer
Data Protection Statement of Bright HR which is owned and operated by Bright HR Limited
The Data Protection Act 1998 allows us to hold and process personal data. We will use the personal data provided to us only for its intended purpose, and in accordance with the requirements of the Data Protection Act 1998.
Should an employee, whose details appear on Bright HR, that any information held about them is incorrect, then they should notify their line manager at the earliest available opportunity, so that they can either address the matter or raise it with us.
This statement sets out how the information on Bright HR is to be used. The information provided by which employees can be identified, will only be used in accordance for its intended purpose in accordance with this statement.
What information will be collected?
The following information about employees may be collected:
- Date of Birth
- Job title
- Contact details, for example, details of next of kin
- Immigration status details i.e. passport number/visa number and expiry dates
- National Insurance Number
- Information relating to employment, i.e. absence records, development records and annual leave entitlement. This information may be collected via application for employment forms, personal details forms, personnel files and records and any subsequent amendments to such documents.
What is the information used for?
Clients of Bright HR will use the information to maintain current and accurate employee records, which can be used for such purposes as staff administration, payroll, equal opportunities monitoring, absence monitoring, annual leave records, and other employment related matters.
Personal Data will not be used for any other purpose outside of the scope of your employment.
Retention of Bright HR records
If a client of Bright HR terminates their service agreement with Bright HR, their employee data will be retained for a period of 6 years after their service agreement ends before being deleted. The data during the 6 year period will be held securely as described under the Security section below.
We are committed to ensuring that employee information is kept secure at all times, and we will implement appropriate technical and organisational measures against the unauthorised or unlawful disclosure of such information, and so as to prevent its accidental loss, destruction or damage.
Personal access to Bright HR will only be via a secure username and password. The username and password for each individual is unique and only allows access to their own personal information. Only certain authorised staff, who are required to have access to the personal information of other employees for the purposes of their job role, will be authorised and will have the necessary access rights to do so. They will receive relevant training and will be asked to agree to abide by the terms of this Data Protection Statement.
All users of Bright HR are encouraged to keep their unique user and password strictly confidential. Users of Bright HR must notify us if they become aware of any unauthorised access, and we will notify clients of Bright HR should we become aware of any security breach involving loss, corruption or theft of employee information.
Storage and Encryption
By leveraging the power of Cloud all Bright HR Data is stored on highly secure systems. These utilise the latest encryption and security technologies which are ISO/IEC 27001:2013, ISO/IEC 27017:2015 and ISO/IEC 27018 compliant regarding data security in the cloud. To maintain our PCI compliance, approved independent security vendors are used by Bright HR to ensure all our systems are scanned daily for any vulnerabilities.
Subject Access Requests
Details of the personal information held about individual employees on Bright HR may be requested, in writing, by that individual. A payment of a £10 fee will be requested and the individual will be asked to provide two forms of identification. Such a request must be made to Bright HR’s compliance manager, who will ensure that it is dealt with in accordance with Section 7 of the Data Protection Act 1998. The individual’s employer will be notified that such a request has been received.
No personal information held on Bright HR will be passed to third parties, without the consent of the individual employee concerned, unless such disclosure is legally required in accordance with provisions of the Data Protection Act 1998.