Privacy Policy

We take your privacy rights seriously. To be as transparent with you as possible we have created this Terms and Privacy Statement so that you know how we collect, use, communicate, disclose and make use of personal information.

Your use of this web site signifies your consent to us collecting and using personal information about you in accordance with this Statement.

At CakeHR we believe in the importance of looking after your information and ensuring you have maximum control over it, we’ve summarised the key points from within our Privacy Policy - but of course we suggest reading it in full.

  1. Only those within your organisation with the appropriate access level are able to view your information & we restrict access on our end.

  2. If you’d like to access, amend or delete any information please contact [email protected]

If at any time you are concerned or have questions about how we might be handling your data, please reach out to our Data Protection Officer at [email protected]

IF YOU DO NOT ACCEPT AND AGREE WITH OUR PRIVACY POLICY THEN YOU MUST NOT ACCESS OR USE CAKEHR.

HR Bakery Limited (“CakeHR”, "We", “Us” and “Our”) remain fully committed to the protection of your and your Users’ privacy at all times. The information contained in this policy has been published to inform you of the way in which any Personal Data (as defined below) you provide us with or we collect from you will be used. Please read this information carefully in order to fully understand how we treat such Personal Data.

Please read this policy in conjunction with the Terms & Conditions for CakeHR (the “EULA”). When you access or use CakeHR, you agree to our privacy policy and you consent to our collection, storage, use and disclosure of your Personal Data for the purpose of making CakeHR and/or the Service available to you, in accordance with this policy. Any capitalised terms not defined in this policy shall have the same meanings given to them in the EULA.

We will collect, store, use and disclose Personal Data in accordance with all applicable laws relating to the protection of Personal Data, including the EU Data Protection Directive 95/46/EC, the EU General Data Protection Regulation 2016/679, the EU ePrivacy Directive 2002/58/EC as amended by Directive 2009/136/EC, as amended or superseded from time to time, and any national implementing legislation (“Data Protection Laws”).

For the purpose of Data Protection Laws, in relation to any Personal Data you or any Users submit to our platform, you will be the data controller and we will be a data processor of such Personal Data.

PERSONAL DATA WE MAY OBTAIN FROM YOU

“Personal Data” means any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

We may obtain and use the following Personal Data about you and anyone you chose to add to our platform:

  • Any correspondence we have with you and your Users should you or your Users contact us.

  • Data you or your Users provide when you fill out forms on our Website, including but not limited to data you provide when you register to become a user of the Service.

  • Data and information you or your Users submit or upload to CakeHR or the Service, including employee data (which may include, among other things, dates of birth, residential addresses, names, email addresses, telephone numbers, bank details, passport details, salary, a record of vacation & sick days).

  • Details of transactions made by you through the Website.

  • Responses to optional feedback surveys we ask you or Users to complete.

  • Details of your or your Users’ visits to our Website, which includes without limitation location and traffic data, weblogs, pages you access and other communication data.

You will be submitting and providing Client Data which may contain Personal Data (and potentially Sensitive Personal Data of Users and third parties. “Sensitive Personal Data” means any data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic or biometric data, data concerning health, data concerning sex life or sexual orientation and data concerning the commission or alleged commission of any offence.

You represent and warrant that you i) have the right to transfer such Personal Data (including Sensitive Personal Data, if applicable) to us for the purpose of receiving the Service; and ii) are solely responsible for obtaining all required consents, authorisations and permissions from such Users and third parties and providing all required notifications to such Users and third parties (where applicable) to enable you to provide such information to us and to grant to us the rights set forth in this privacy policy and the EULA. It is your responsibility to ensure that all such Users and third parties are aware of and accept the terms of this policy and that you have obtained explicit and informed consent of Users to our processing any of their Sensitive Personal Data in accordance with this policy and the EULA. You may not provide us with any Client Data or other information containing Personal Data of Users or third parties unless and until you have obtained all necessary consents, authorisations and permissions to do so.

You agree to indemnify us in accordance with Clause 14 of the EULA for any claims made by any Users arising from any unauthorised access or accidental loss, damage, corruption or disclosure of Client Data arising from or in connection with your and/ or our use or disclosure of Client Data.

COOKIES AND IP ADDRESSES

We may obtain information about your and your Users’ computer, which includes your and your Users’ IP address, browser type and operating system where available. This accumulation of data is used to assist system administration.

We may also collect information regarding your or your Users’ browsing activity and interests through use of a cookie file. This cookie file is stored on the hard drive of your or your Users’ computer, and contains information that is transferred to your or your Users’ computer's hard drive. We use the collection of this data to help us improve the experience of users on our Website and Service, and to deliver a more personalised service with more relevant content. The collection of this data allows us to:

  • store data indicative of your or your Users’ preferences, allowing us to adjust our Website to appeal to your individual interests; estimate the size and usage patterns of our audience;

  • record the details of any transactions carried out by you through our Website;

  • identify you or your Users upon your/their return to our Website;

We use the following cookies:

  • Strictly necessary cookies. These are cookies that are required for the operation of our Website and Service. They include, for example, cookies that enable you or your Users to log into secure areas of our Website or Service.

  • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our Website and Service when they are using it. This helps us to improve the way our Website and Service works.

  • Functionality cookies. These are used to recognise you and your Users when you/they return to our Website. This enables us to personalise our content for you and your Users, greet you and your Users by name and remember your/their preferences.

  • Targeting cookies. These cookies record your and your Users’ visit to our Website, the pages you and your Users have visited and the links you and your Users have followed. We will use this information to make our Website and the advertising displayed on it (if any) more relevant to your and your Users’ interests. We may also share this information with third parties for this purpose.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies. You and your Users remain entitled to refuse cookies by adjusting your browser settings accordingly. Doing so however may restrict your and your Users’ access to certain areas within our Website or Service. Unless you or your Users adjust your/their browser settings to refuse cookies, our system will issue cookies when you/they log on to our Website.

WHERE WE STORE PERSONAL DATA

The Personal Data we obtain from you and your Users (including, without limitation, Client Data) may be moved to and stored at a destination within the European Economic Area ("EEA"). Staff members operating within the EEA who work for or on behalf of us may process this information. Such staff members may, among other things, be involved in the processing of payment details, the provision of support services and the delivery of your and your Users’ request(s) for us to provide the Service.

Without limiting the foregoing, you agree that Personal Data we obtain from you and your Users (including, without limitation, Client Data) may be processed by our service providers based in, countries outside of the EEA for the purposes of providing you with the Service. Such countries may not have laws offering the same level of protection for Personal Data as those inside the EEA; however where such transfers of data occur, we will take steps to prevent the transfer of Personal Data without adequate safeguards being put in place and will ensure that your and your Users’ Personal Data collected in the EEA and transferred internationally is afforded the same level of protection as it would be inside the EEA. For further information on, or a copy of, the adequate safeguards adopted by us for the international transfer of Personal Data, please email [email protected]

We store the Personal Data you and your Users provide us with on our secure servers. In the event of us giving you or your Users (or you/they choosing) a password which grants you/them access to specific areas within our Website or Service, it remains your/their responsibility to maintain the confidentiality of this password. This includes the responsibility to refrain from sharing your/their password with other parties.

As the transmission of data via the Internet cannot be assumed completely secure, we cannot guarantee the security of any of your or your Users’ data transmitted to our Website or Service; you are therefore responsible for any risk associated with such transmission. We will however at all times take all reasonable steps to ensure the transmission of your and your Users’ data is executed as securely as possible, and upon receipt of your/their data we will continue at all times to enforce strict security procedures and features in an attempt to prevent any unauthorised access.

HOW WE PROTECT YOUR PERSONAL DATA

We will take reasonable steps to maintain appropriate technical and organizational measures to protect the Personal Data you provide to us against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your Personal Data.

HOW WE USE YOUR PERSONAL DATA

The Personal Data we hold about you and your Users may be used in any of the following ways:

  • To provide you and your Users with the Service, including administration and management of your account.

  • To allow you to upload, store and access Client Data.

  • To enable Users to access certain aspects of CakeHR and limited Client Data pertinent to themselves.

  • To provide you and Users with user support.

  • To moderate your account.

  • For research and analytics purposes (for example, to improve the quality of the Service).

  • To ensure security for you, the Users, our staff and other users of the Service.

  • To comply with applicable Laws, court orders, government and law enforcement agencies’ requests.

  • To send you further information about our services for which we think you may have an interest. This information will be supplied only where you have given consent.

  • To send you further information about our services based on a request we have received from you.

  • To fulfil the obligations we have in relation to any contracts we have in place with you (including, without limitation, the EULA).

  • To provide you with notification about any changes to the Service.

We will never supply your or your Users’ Personal Data to third parties unless under the conditions stated beneath this section of our privacy policy. Notwithstanding the foregoing, you acknowledge and agree that we may aggregate and anonymise your, and your Users, Personal Data (excluding, for the avoidance of doubt, Sensitive Personal Data) and use and share such aggregated and anonymised Personal Data with third parties for statistical purposes and for the purpose of data analytics, product development, and/or Service improvement.

G SUITE

For those customers who use CakeHR with G Suite application, we use the following data:

  • Employee full names;

  • Email addresses (used to map & authenticate as users in CakeHR);

  • Access to Google Calendars (used to send time off events so they appear in Google Calendar);

We do not store any G Suite passwords.

Google user data are not shared with any unauthorised third parties outside our list of sub-processors.

YOUR RIGHTS

You retain the right to request us to refrain from processing your data for the purposes of marketing. To exercise such right, you may reply to any information we send you, detailing your request that we refrain from sending any marketing correspondence, or you can exercise this same right by contacting us electronically via email at [email protected] If at any time we intend to use your data for such marketing purposes however, it is standard practice for us to make you aware in advance of collecting such data.

We may at times provide links on our Website to third party websites, including without limitation those owned or managed by our partner networks, affiliates or advertisers. These websites have separate privacy policies, and we therefore cannot accept any responsibility for the content. As such, choosing to follow these links is a choice you make at your own risk, and we advise that you check these websites' individual privacy policies before submitting any personal data.

You retain at all times the right to access / amend / delete any Personal Data we hold about you or to exercise your right of data portability or to object to, or restrict, the purposes for which your Personal Data is processed on certain grounds. You may exercise this right by making a request in accordance with Data Protection Laws, by emailing [email protected] You may also lodge a complaint with the UK data protection regulator, the Information Commissioner should you be dissatisfied with the way that we handle your Personal Data.

You undertake to notify your Users of this privacy policy and of their rights under the Data Protection Law. We will provide you with reasonable assistance to enable you to comply and respond to a request, query or complaint from a User in relation to their Personal Data.

HOW LONG WE KEEP PERSONAL DATA FOR

We will keep your and your Users’ Personal Data for the duration of the Service and in accordance with your instructions. After your subscription to the Service is cancelled, we will keep backups of your Users' Personal Data for the next 12 months & they will be automatically deleted after that.

CHANGES TO OUR PRIVACY POLICY

If at any time we make a change to this policy, we will update this page to reflect such change. Where we feel it appropriate, we will notify you by email, however we recommend you review this page periodically to ensure you remain happy with the latest version.

QUESTIONS, COMMENTS AND GETTING IN TOUCH

We welcome any questions or comments in relation to this privacy policy, and advise you to send any such communication [email protected]

Start your free trial now

Easy setup
Free 14 day trial
Cancel any time

Trusted human resources partner