You have landed on our UK Site.
US/Global

Data Privacy and Information Security

Quinyx has always made information security and privacy a top priority. We comply with the new General Data Protection Regulation (GDPR) giving you control of your personal data.
068-law

Privacy Statement

View our Privacy Statement

Quinyx application

What personal data do we process?

We only process personal data that is required for Quinyx to fulfil its intended purposes as a workforce management system, which include:
  • Human resource management
  • Work time scheduling
  • Work task scheduling and execution
  • Work time reporting
  • Communication
By default, it is possible to store and process the following personal data in the system:
  • Name
  • Address
  • Telephone no.
  • Email address
  • Social security no. / civic registration no.
  • Next of kin’s name and contact info.
  • Organisational affiliation, such as home department and cost centre
  • Employment contract
  • Availability
  • Work shifts
  • Time punches
  • Absences
  • Qmail messages
Your employer is ultimately responsible for which personal data they choose to store and process in the system. Your employer may also choose to add customised personal data fields to store additional data that is required to simplify their workforce management process.
 
In addition to the personal data mentioned above, which is managed by your employer, Quinyx processes the following additional personal data: 
  • IP-address
  • Details of your hardware configuration such as operating system, web browser and screen resolution
  • Details of your usage of Quinyx, e.g. which features you use, what you click on etc.

Why do we process your personal data?

Quinyx processes personal data so that your employer can fulfil your employment contract by allowing your manager and/or colleagues to:

  • Contact you
  • Contact your next of kin in case of emergency
  • Schedule your work time according to your
    • Employment contract
    • Collective/union agreement
    • Availability
  • Ensure that your work tasks are performed correctly and on time
  • Ensure that your working time is correctly reported
  • Pay your salary

Any personal data in addition to that which is managed by your employer is processed so that Quinyx can:

  • Ensure the security of the application by identifying and blocking unauthorised or malicious use by ways of:
    • Proactive security inspection by tracing and correlating blacklisted networks
    • Proactive and reactive DDoS countermeasures
    • Security features in the application, such as automatic lockout and/or limits
  • Provide traceable and legally binding evidence of any misuse, malicious, or illegal activity performed in the system
  • Better understand how you use Quinyx so that we can offer more precise and tailored user support and communication
  • Better understand how different types of users use Quinyx and its different features so that we can better decide how to improve them in the future

Who do we share your personal data with?

We do not share your personal data with any parties other than your employer and pre-approved data subprocessors, and we conform to industry best practices regarding data security to ensure that your personal data is safe.

How long do we store your personal data?

Your personal data is stored as long as your employer chooses to keep it in the system. Typically, this is limited to your period of employment, however your employer may choose to keep some or all of your personal data in the system after your employment ends in order to comply with local legislation. After your personal data has been removed from the system, some or all of it may be kept in backups for a limited time in accordance with the terms of service that have been agreed upon between us and your employer.

How can I find out what personal data is stored on me?

Turn to your employer to get an exact summary of which personal data is stored on you.

How can I delete my personal data from the system?

You must turn to your employer to request a full deletion of your personal data from the system, as some or all of the data may be required to be kept for a certain period in order to comply with local legislation.

Why does the mobile app require location services?

Please see this help article.

About GDPR

What is GDPR?

The GDPR (General Data Protection Regulation) is a new EU Regulation which will replace the 1995 EU Data Protection Directive (DPD). It is a law on data protection and privacy for all individuals within the European Union (EU). The GDPR aims primarily to give control back to individuals over their personal data and to simplify the regulatory environment. Being a regulation, not a directive, it forces all countries within EU to implement GDPR by May 25, 2018.

 

The regulation builds on many of the requirements from the 1995 directive for data privacy and security, but includes new provisions to strengthen the rights of data subjects, the individuals whose personal data is processed, and it adds harsher penalties for companies and organisations that fail to comply with the regulation.

Read more

Quinyx has its main establishment in Sweden and our lead supervisory authority is IMY.

Your Rights

Your rights to personal data

Under the GDPR, you have certain rights related to the processing of your personal data. These are listed below.

 

Quinyx is in its capacity as data controller responsible for ensuring that your personal data is processed in accordance with applicable law and that your rights are taken into account when we process your personal data. If you want to use your rights, please contact us at dataprivacy@quinyx.com. You can also contact our DPO, which will be assigned as of 25th of May, at dpo@quinyx.com if you experience that Quinyx do not live up to your rights.

At Quinyx, we will take all reasonable and possible actions to notify any recipients of your personal data as set out in chapter 5 above regarding any rectification, erasure or restrictions carried out by us. At your request, we will also inform you of which third parties we have shared your personal data with.

 

You have the right to request access to personal data

You have the right to request an abstract from our data record regarding our use of your personal data. You also have the right to request a copy of the personal information being processed at no cost. However, we may charge you a reasonable administrative fee to provide you with additional copies of the personal data. If you make your access request by electronic means such as email, we will provide you with the information in a commonly used electronic format.

 

Contact: dataprivacy@quinyx.com

 

You have the right to request rectification of your personal data

We will at your request, or at our own initiative, rectify, anonymise, erase or complement personal data that you or we discover is inaccurate, incomplete or misleading. You also have the right to complement the personal data with additional data if relevant information is missing.

 

Contact: dataprivacy@quinyx.com

 

You have the right to request erasure of your personal data

You have the right to request that we erase your personal data if we do no longer have an acceptable reason for processing the data. Given this, erasure shall be made by us if:

  • the personal data is no longer necessary for the purposes for which it was collected,
  • you object to the processing of your personal data based on our legitimate interest and there is no overriding legitimate ground for the processing,
  • the personal data has not been lawfully processed,
  • we are required to erase the personal data due to a legal obligation, or
  • you are a child and we have collected the personal data in relation to the offer of information society services.

However, there might be requirements under applicable law, or other weighty reasons, which entail in us not being able to immediately erase your personal data.  In such case, we will stop using your personal data for any other reasons than to comply with the applicable law, or the relevant weighty reason.

 

Contact: dataprivacy@quinyx.com

 

You have the right to restrict processing

This means that we temporarily restrict the processing of your personal data. You have the right to request restriction of the processing when:

  • you have requested rectification of your personal data in accordance with the section “You have the right to request rectification of your personal data” above during the time period we are verifying the accuracy of the data,
  • the processing is unlawful and you do not want the personal data to be erased,
  • Quinyx, in its capacity as data controller, does no longer need the personal data for the purposes for which it was processed, but you require us to retain the information for the establishment, exercise or defence of legal claims, or
  • you have objected to our legitimate interest for the processing in accordance with the section “You have the right to object to the processing” below during the time period we determine whether the legitimate interest overrides your privacy rights.

 

Contact: dataprivacy@quinyx.com 

 

You have the right to object to the processing

You have the right to object to such processing of your personal data based upon our legitimate interest (please see chapter 4 above). If you object to such processing, we will only continue with the processing if we have a compelling legitimate reason for the processing that outweighs your interest, rights or freedoms, or unless continued processing is necessary for the establishment, exercise or defence of a legal claim.

 

Contact: dataprivacy@quinyx.com

Your right to lodge a complaint

You have the right to lodge a complaint with the data protection authority

You have the right to lodge any complaints regarding our processing of your personal data with the data protection authority. The supervisory authority for Quinyx is Datainspektionen, Sweden. https://datainspektionen.se

 

Should you experience that Quinyx and the DPO do not live up to GDPR and the data subject rights, read more about how to report to Datainspektionen. https://datainspektionen.se

Cookies

What are cookies?

Quinyx uses cookies on www.quinyx.com. By browsing the website, you consent to the use of cookies.

 

Cookies are small pieces of text sent by your web browser by a website you visit. A cookie file is stored in your web browser and allows a website, service or a third ­party to recognise you and make your next visit easier and more useful to you.

 

Cookies can be "persistent" or "session" cookies.

How Quinyx ​uses cookies

When you use and access the website, we may place a number of cookies files in your web browser.

 

We use cookies for the following purposes:

  • to enable certain functions of the website
  • to provide analytics
  • to store your preferences
  • to enable advertisements delivery, including behavioral advertising.

 

We use both session and persistent cookies on www.quinyx.com.

Third­ party cookies

In addition to our own cookies, we may also use various third­ parties cookies to report usage statistics of the website and deliver advertisements.

What are your choices regarding cookies

You can learn more about cookies and the following third ­party websites:

Information Security

Quinyx Information Security Overview