Parolla Limited Privacy Policy

This privacy policy will explain how our organization uses the personal data we collect from you when you use our website.

Topics:

  • What data do we collect?
  • How do we collect your data?
  • How will we use your data?
  • How do we store your data?
  • Marketing
  • What are your data protection rights?
  • What are cookies?
  • How do we use cookies?
  • What types of cookies do we use?
  • How to manage your cookies
  • Privacy policies of other websites
  • Changes to our privacy policy
  • How to contact us
  • How to contact the appropriate authorities

What data do we collect?

Parolla Limited are Data Processors acting on behalf of client organisation Data Controllers. We process data provided either by the client organisation, The Revenue Commissioners, or directly by the employee. Data is collected under:

  • Legal obligation for the purposes of processing tax information
  • Legitimate interest for the purpose of a company processing pay run, leave entitlements, accountancy information, employee communication
  • Consent for the employee and users purpose of interacting with the site and receiving payslips by email etc.

Our Company collects the following Personal Data that can be used to identify an individual either directly, or indirectly with a third data set:

  • Personal identification information (Name, email address, phone numbers, date of birth)
  • Employee bank account details
  • Home addresses
  • Next of kin details
  • Job titles & Company
  • PPS numbers
  • Avatar profile images
  • Vehicle registration numbers

We also collect data classified as Sensitive Personal Data, which can be used to identify an individuals political affiliations, religious beliefs, sexual orientation, health and ethnicity.

  • Trade and union memberships
  • Court-ordered garnishee deductions
  • Political deductions
  • Tithe deductions
  • Medical deductions
  • Sick leave records and doctor certificates

The minimum age of digital consent in Ireland is 13 years old, the minimum age for paid employment is 14 years, so there should not be details of minors in the Parolla System. It is up to the client organisation Data Controller to ensure the accuracy of this information.

How do we collect your data?

The Employer or Employee directly provide Parolla Limited with most of the data we collect. We collect data and process data when you:

  • Register online
  • Setup or modify company details
  • Setup or modify an employee profile
  • Upload leave applications, vehicle log submissions and expense receipts
  • Use or view our website via your browser’s cookies.

Our Company may also receive your data indirectly from the following sources:

  • The Revenue Commissioners via their Revenue Online Service API
  • Third-party accounting systems that you have linked to our system.

How will we use your data?

Our Company collects your data so that we can:

  • Process your pay runs
  • Submit legally required information to Revenue
  • Update your business accounts
  • Email & print employee payslips
  • Generate bank transaction files
  • Generate CSO reporting information
  • Contact you with information on product updates
  • Manage and improve user experience

We use third-party service providers to assist with providing our service

  • Dediserve – for primary data centre servers (Ireland)
  • Hetzner – for disaster recovery data centre servers (Germany)
  • Intercom – for web application chat systems and user statistics
  • Google Analytics – for web optimisation
  • Xero – for accountancy integration
  • Inspectlet – for user experience heat maps and session recording
  • Send in blue – for email messaging and product newsletters
  • Surfly – for shared screen co-browsing
  • Youtube – for tutorial videos
  • Cloudflare – for domain name management, web page caching, and site security
  • Stripe – for payment collection

We do not share your data with our partner companies so that they may offer you their products and services.

How do we store your data?

Parolla Limited stores your data in database and file servers located in three physical locations:

  • Our primary databases are managed by Digital Ocean and located in Frankfurt. Digital Ocean are ISO/IEC 27001 certified.
  • Our primary file servers are hosted by Dediserve in a Level 3 tier 4 facility in Dublin. Dediserve is ISO 27001, 22301 and 9001 accredited.
  • Our disaster recovery databases and file servers are hosted by Hetzner in Nuremberg, Germany. Hetzner is ISO/DIN 27001 certified.

All data is separated by concern. Databases are maintained on their own servers, separate from applications and from files.

  • Log files are stored on distributed servers behind private firewalls using SSH key-based authentication.
  • PDF files are encrypted at the point of creation before being stored on private file servers or being sent over HTTPS
  • Spreadsheets can be encrypted if configured in the company preferences.

Databases containing Personal Data and Sensitive Personal Data are treated as follows:

  • All Sensitive Personal Data stored within databases is encrypted.
  • Names are encrypted
  • Phone numbers are encrypted
  • Passwords are encrypted
  • PPS Numbers are encrypted
  • Bank account details are encrypted

We keep data for 7 years. The minimum required by law when processing payroll is 6 years after the end of the tax year.

Once this time period has expired we will delete or anonymise data in the following fashion, for the year that has expired:

  • Names are anonymised
  • Birthdates are grouped into 5-year blocks
  • Addresses are deleted up to town level
  • Bank account details are deleted
  • Tax numbers are deleted
  • Sensitive Personal Data is anonymised

How do we transmit your data?

We receive data over TLS encrypted HTTPS web forms, email and chat systems.

We display data over TLS encrypted HTTPS web pages, email and chat systems.

We serve data within encrypted PDF documents, or Excel/ODF spreadsheets locked within encrypted ZIP files. File are transmitted over TLS encrypted HTTPS.

Marketing

Parolla Limited will send you information about products and services of ours that we think you might like. We do not give your data to third parties and do not advertise on behalf of third parties.

If you have agreed to receive marketing, you may always opt-out at a later date.

You have the right at any time to stop Parolla Limited from contacting you for marketing purposes.

What are your data protection rights?

Parolla Limited would like to make sure you are fully aware of all of your data protection rights. Every user and employee is entitled to the following:

The right to access – You have the right to request Parolla Limited for copies of your personal data. We may charge you a small fee for this service.

The right to rectification – You have the right to request that Parolla Limited correct any information you believe is inaccurate. You also have the right to request Parolla Limited to complete the information you believe is incomplete.

The right to erasure – You have the right to request that Parolla Limited erase your personal data, under certain conditions, such as where not required for legitimate interest of processing payroll and keeping legal records.

The right to restrict processing – You have the right to request that Parolla Limited restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to Parolla Limited’s processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that Parolla Limited transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email:

Call us at: 089 221 9326

Or email us at: [email protected]

Cookies

Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology

For further information, visit allaboutcookies.org.

How do we use cookies?

Our Company uses cookies in a range of ways to improve your experience on our website, including:

  • Keeping you signed in
  • Understanding how you use our website
  • Recording session activity for service assistance
  • Co-browsing for training and service assistance
  • Chat and real-time communication

What types of cookies do we use?

There are a number of different types of cookies, however, our website uses:

  • Functionality – Our Company uses these cookies so that we recognize you on our website and remember your previously selected preferences. These could include what language you prefer and the location you are in. A mix of first-party and third-party cookies are used.
  • Advertising – Our Company uses these cookies to collect information about your visit to our website, the content you viewed, the links you followed and information about your browser, device, and your IP address.

How to manage cookies

You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result.

Privacy policies of other websites

The Parolla website contains links to other websites. Our privacy policy applies only to our website, so if you click on a link to another website, you should read their privacy policy.

Changes to our privacy policy

Our Company keeps its privacy policy under regular review and places any updates on this web page. This privacy policy was last updated on 9th August 2019.

How to contact us

If you have any questions about Our Company’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us.

Email us at: [email protected]

Call us: 089 221 9326

Or write to us at: 5 Springhill Court, Tramore, Co. Waterford, Ireland

How to contact the appropriate authority

Should you wish to report a complaint or if you feel that Parolla Limited has not addressed your concern in a satisfactory manner, you may contact the Information Commissioner’s Office.

Email: [email protected]

Address: 18 Lower Leeson Street, Dublin 2, D02 HE97.
Phone: +353 1 639 5689