Important Info on TSheets and GDPR
Our most frequently asked questions
TSheets GDPR: Customer FAQs
Our policy is to comply with local laws that apply to our business related to the use of personal data and to ensure we meet the applicable standards set out in such laws.
For example, today we take a global approach to privacy and apply strict policies and practices to protect our customers’ personal data.
In addition, Intuit and TSheets apply our Data Stewardship Principles, which are guided by the essential core value that the data we are entrusted to protect belongs to our customers. Our values and approach to privacy and data protection have enabled us to successfully serve small businesses for many years, and we believe our implementation of GDPR will allow us to continue to earn our customers’ trust in the future.
Our policy is to comply with all laws that are applicable to our products and services. Here are the things that we have done with the GDPR in mind:
- We've implemented technical and organizational security measures to help keep your data secure;
- We've created a new Data Processing Agreement to help you meet your compliance needs;
- We've implemented additional tools and processes to help you exercise new data rights, such as the ability to delete data or ask for a copy of your data; and
- We've provided greater transparency on how we process personal information in our updated
Terms of Service and Privacy Statement.
In addition, we apply our own Data Stewardship Principles. These are guided by the essential value that the data entrusted to us belongs to our customers and their end users. Our values and approach to privacy and data protection have enabled us to successfully serve small businesses, accountants and bookkeepers for many years. We believe our implementation of GDPR allows us to continue to earn our customers' trust.
Every business is unique, and your GDPR compliance obligations will depend on many factors, including how you choose to collect, use, and share data about your employees. This is an evaluation that you will need to do based upon your unique circumstances. To help you assess whether our Services are right for you, we recommend you review the following:
- Our Terms of Service and Data Processing Agreement that set out how we will handle any personal information you trust us;
- Our technical and organizational security measures; and
- How you may take actions in our products to fulfill individual rights requests you may receive.
Our main data storage location is in the USA. However, we operate a global integrated business that requires data to be accessed from various locations globally by our internal teams and our trusted partners.
The GDPR does not preclude EU personal data being stored (or otherwise processed) in the USA, as long as there is a data transfer mechanism in place approved by the European Commission. One such approved data transfer mechanism is the EU-US Privacy Shield regime. Intuit is a certified member of the Privacy Shield scheme.
We certify to the EU-US Privacy Shield scheme for our use of personal data in the USA, and we apply guidelines and practices to protect all personal information, including the E.U.U.S. Privacy Shield Principles. To learn about the Privacy Shield principles, please visit www.Privacyshield.gov.
When it comes to our trusted service providers, our practice is to put contractual terms in place to ensure they follow our instructions and have appropriate security in place to protect the personal data we trust them with.