IT security and solutions
tailored to your needs

  • Experienced consultants dedicated to our clients

  • IT infrastructure and data hosting in Luxembourg

  • Disaster Recovery Plan (DRP) and Disaster Recovery Center (DRC)

  • Vulnerability tests performed once a year on all our digital solutions

  • Business Continuity Plan (BCP)

IF PAYROLL & HR - image

GDPR

IF Payroll & HR adheres to very high standards of quality and places the protection of personal data at the heart of its concerns, in particular by acting in such a way as to protect the personal data of its customers, employees and any other person with whom IF Payroll & HR could maintain business relations.

Any processing of personal data is carried out by IF Payroll & HR as controller or subcontractor as part of its salary management mission to its customers and meet the following substantive requirements :

  • Legality, loyalty and transparency :
    Personal data is processed in a lawful, fair and transparent manner with regard to the person concerned. The collection, registration, use and transmission of personal data is made in accordance with laws and regulations, in good faith, and not without the knowledge of the person concerned.

  • Purpose limitation :
    Personal data is collected for specified, explicit and legitimate purposes, and is not further processed in a manner incompatible with those purposes. The objectives pursued are chosen and known before the start of treatment and are defined precisely.

  • Data minimization :
    Personal data is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.

  • Accuracy :
    Personal data must be accurate and, if necessary, kept up to date.

  • Limitation of retention :
    Personal data is not kept longer than necessary for the purposes of which it is collected and processed.

  • Integrity and confidentiality :
    Personal data is processed in a way that ensures appropriate security of personal data. In fact, the integrity and confidentiality of the data is ensured by means of appropriate technical and organization measures, in particular against unauthorized or unlawful processing and against accidental loss, destruction or alteration of data.

  • Accountability :
    IF Payroll & HR shall take appropriate measures to ensure and be able to demonstrate that the processing of personal data is carried out in compliance with the Regulations.

    Moreover, by its certification ISO 9001: 2015, IF Payroll & HR ensures an optimal service that meets the applicable legal and regulatory requirements, and in particular in the context of the protection of personal data.

Answer

IF PAYROLL & HR is required to comply with the applicable legislation on the protection of personal data, in particular the General Data Protection Regulation EU 679/2016 of 27 April 2016 (known as GDPR).

IF PAYROLL & HR processes personal data in several ways :

  • as a data controller, for data concerning its own internal organization (e.g. Human resources) and the management of its operations (e.g. Accounting, billing), and

  • as a subcontractor (processor) of its customers (the CUSTOMERS, who in this case are responsible for the processing concerned) as part of its salary management activity on behalf of these customers.

ANSWER

Personal data breach is a security breach resulting in accidental or unlawful destruction, loss, alteration, unauthorized disclosure of personal data transmitted, stored or otherwise processed, or unauthorized access to such data.

Answer

If you notice a data breach, we invite you to contact us at the following e-mail address as soon as possible : dataprotection@ifpayroll.lu

IF Payroll & HR, as a subcontractor, undertakes to inform the customer (controller) without unjustified delay as soon as he becomes aware of any data breach, unless this breach is not of nature to create a risk for the rights and freedoms of individuals.