Files and GDPR

In this article, you can read about how Smartplan handles files in relation to GDPR.


The file handling function does not differ in terms of GDPR compliance compared to other parts of the system. It is the data controller who is responsible for the data managed by Smartplan, and as data processors, we must comply with the data processing agreement between us.


In the data processing agreement, we describe the data that we process for the data controller. Here, it is specified that we process general personal data. We do not describe processing sensitive personal data or criminal information.


As we interpret the categorization by the Danish Data Protection Agency, an employment contract with general personal data is acceptable, but if the file contains sensitive data or information about criminal matters, the data controller should assess whether they have the legal basis to hold that data. However, according to our data processing agreement, users cannot use Smartplan to process sensitive personal data or personal data about criminal information.


It is also worth emphasizing that the files are encrypted during transmission and storage.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.