Clocking Terminals and the GDPR
ClockRite Hardware Compliance Guide
As the ClockRite Clocking Terminal is used to store personal employee data it must be factored into your GDPR compliance policies and procedures. We believe that the majority of information stored in the Clocking Terminal will be low-risk, although Biometric data is treated differently under the GDPR. It's important to note that our Clocking Terminals convert Biometric data into a mathematical algorithm, and do not store an image of the user's fingerprint or face (unless the portrait feature is enabled on facial recognition terminals).
All data entered is entered into the Clocking Terminal by you, and remains your sole responsibility.
In this article
- What kind of data is stored in the Clocking Terminal?
- Who has access to data stored in the Clocking Terminal?
- How does the Clocking Terminal store Biometric data?
- Tips and best practice
What kind of data is stored in the Clocking Terminal?
All data is entered into the Clocking Terminal by you, and should be factored into a data audit of personal employee information as part of your GDPR compliance. During normal operation the Clocking Terminal may hold some, but not necessarily all, of the following information about an individual:
- First and last name
- 'ClockRite ID' number
- Unprocessed clocking records, with each employee's specific clocking records identifiable by their associated 'ClockRite ID'
- Biometric templates for each employee (if you are using a fingerprint or facial recognition system)
Who has access to data stored in the Clocking Terminal?
It is up to you to determine who will have access to the data stored in the Clocking Terminal. Access can be restricted through use of an Admin Card and password. It is possible to download clocking records from the Clocking Terminal via USB, but this action requires use of the Admin Card and password. Clocking files downloaded onto USB are not password protected, but only contain employee's 'ClockRite ID' and associated clocking records.
The Clocking Terminal is local to your organisation, and and we do not have access to it or the information therein under normal circumstances.
How the ClockRite System Stores and uses Biometric Data
Biometric data, be it fingerprint or facial, is captured by the Clocking Terminal as a digital image known as a 'live scan.' The live scan is then processed to create a biometric template based on points of interest. For a fingerprint, these could be the points at which certain fingerprint ridges end, converge, or split. For a face, they might be the distance between the eyes or the shape of the mouth. The biometric template is stored within the Clocking Terminal as a mathematical algorithm which the Terminal can reference in order to determine whether the biometric templates derived from future 'live scans' are from the same finger or face.
The live scans themselves are only used to create these biometric templates, and are not stored by the Terminal. In this way we can be sure that the Clocking Terminal only collects characteristic points of user's biometric data, and not images of the face or fingerprint themselves.
It's helpful to think of the fingerprint or face like a map, with the characteristic points as co-ordinates. In the same way that co-ordinates alone will not give you an image of the map itself, characteristic points of a specific fingerprint or face do not give you the full image.
Fingerprint and facial algorithms can be downloaded from the Clocking Terminal onto USB to allow for backups and transfers between Terminals, but there is no way to process, manipulate, or reverse engineer these algorithms from the file on the USB Stick. Access is protected through the use of an 'Admin Card' and password.
Tips and best practice for GDPR compliance
- From a data security standpoint, it's always a good idea to ensure that access to the data within the Clocking Terminal is restricted to those who actually need it. Many customers maintain a sign-out sheet for use of the Admin Card, for example.
- Data can be downloaded from the Clocking Terminal via USB by those with Admin credentials. Its worth bearing this in mind when deciding who within your organisation will be given access to the Admin Card.
- In line with the practice of data minimisation, ensure only those who need to use the Cocking Terminal are registered on it. If you have a certain set of employees who do not need to clock in and out, for example, it's best not to enter their information into the Terminal.
- Ensure that former employees are removed from the Clocking Terminal. It's a good idea to add this to the set procedure for people leaving your organisation.
***This guide is for informational purposes only, and should not be relied upon as legal advice. It's important to conduct your own assessment of the employee data you intend to hold within the ClockRite System, how this pertains to the rights of individual employees, and your lawful basis for holding this information under the GDPR legislation. Compliance with the GDPR should be borne in mind at all stages of implementing a Time & Attendance System***