AyMINE – Technical documentation
User Modules
Task, project & quality management
Manager approval with the task report
Why some data can't be deleted
Adminitration of areas, projects, calendars
Region / project / methodology
Change management process in a project
GDPR and record of qualifications
Qualification of user or contact
Right to Manage Qualifications
Methodology and Quality Management systems
What a methodology / QMS consists of
Customer Service Response Generation
Objects affected by the problem
Return project plan by baseline
Sample tasks and methodologies of the area
Effect of the task on the right to modify the attached object
The person responsible for the task
Working procedure – task definition
Objects related to the task pattern
Contacts and directories module (CRM)
orderSVG Order overview for customer groups
Web management and automation
Receiving a message from the web
Human resources
Human Resources module security
Manage department / division data
Synchronizing staff and system users
Products, assets and sales
Received order for goods or services
Finance management
Metrics and Measurements
Technical Modules
Sabre plugin module
Enterprise Architect connector
Database link to Enterprise Architect database
System Modules
The AyMINE Framework Module
Configure how your system looks and works
Gestures and Keyboard Shortcuts
More about how the system works
Private notes and tags for objects
Filtering in the list of records
System Management
Securing posts and internal discussions
Additional functions with files
Copying and moving files between objects
Files (documents) linked to the object
Formatted texts in the application
Gateway settings for external messages
IMP gateway settings for email communication
Internet Call Gateway Settings
GDPR and record of qualifications
GDPR is definitely relevant from the point of view of record of competencies and qualifications. Here we discuss the legal grounds for record-keeping
- Qualification of an internal worker from the point of view of GDPR
- Qualification of a former worker
- Candidate for a job and the processing of his/her data
- External Associate and GDPR
- Supply company
- Remember – distinguishing legal reasons is important
Every legal ground has its justification:
Qualification of an internal worker from the point of view of GDPR
For an internal worker, the legal grounds are:
-
Legal ground can be applied to qualifications that you have to check and secure by law. Typically these are qualifications of so-called tied trades / professions -
-
Welder,
-
Electrician,
-
Authorized engineer for a certain type of construction
-
Pharmacist
-
Forensic expert
-
Trained worker for OSH in a factory environment
If you provide services that are legally tied to a qualification, you must be able to prove that the worker has that qualification. -
Legitimate interest can be applied to qualifications that you need in your activities and for the provision of services you need to know who has that qualification and can be entrusted with the job. Typically these are qualifications
-
Graduates of courses for certain technologies (e.g. installation of solar systems, device diagnostics, etc.)
-
Language skills for projects that require them
-
Consent of the worker Consent is relevant for skills that are not needed by the company, but it may be useful to know that a worker has the skill. An example can be any of the skills listed above if the company does not need it
Qualification of a former worker
Even for a former worker, information on qualifications for which there were legal reasons must be kept. At least for as long as the activities that were bound to the qualification can be checked. In practice this means forever for many activities, because e.g. qualifications in the construction sector are checked even after decades when there is a problem (see e.g. collapse of a 30-year-old bridge)
Other groups of qualifications can only be kept on the basis of the worker's consent. It is important that this consent is given to you when you leave – the consent given for the time you are an employee must not be used, because with a significant change in the situation (termination of employment) such consent loses its validity. It is also important to remember that no consent can be given permanently, so at the latest after 5 years the data must be deleted or the consent (in writing) renewed.
Candidate for a job and the processing of his/her data
In the case of a candidate, all data are kept on the basis of the consent. This may be a mandatory part of the information provided by the candidate.
Remember that consent for the purpose of the selection procedure is not consent for long-term storage. These consents may not even be merged. You can stipulate that the candidate by providing data automatically consents to the processing of the data during the selection procedure, but you can only request consent to long-term storage of this data after the selection procedure has been completed and for a limited period. For example, the rejected candidate may agree to the retention of the qualifications for 3 years in order to be approached with a suitable job position.
External Associate and GDPR
Legal Reason If an external associate performs activities legally related to the qualifications with you, you are obliged to check the qualifications with him and to keep the data as if it were an internal employee.
As this is a legal reason, the associate has no right to request that you delete (forget) the data after the cooperation has ended.
All other types of qualifications are only covered by the possibility of consent. For example, you can register their language skills with external cooperating drivers based on consent, but this is not your legitimate interest.
Supply company
The provisions of the GDPR do not apply to the supply contract. In addition, the supply company is typically also itself liable for the services being supplied by qualified workers with compulsory education. As part of the contractual relationship, you can request the possibility of checking whether the work is supplied by a qualified worker, but the right to keep this data would have to be given to you directly by the worker, not by the company. A company is not entitled to give consent to any processing of data about its workers to other persons. It is understandable if a worker gives consent to his company to provide e.g. a CV to other companies, if this is important for obtaining contracts or work for the worker. (This applies not only to staffing agencies, but also to many other companies). However, this consent is not consent for the same data to be further processed by a third party.
Remember – distinguishing legal reasons is important
Since you have to delete some data, e.g. when a worker leaves, and others do not, it is important to monitor the legal reason for individual qualifications. It is also important to note that the same qualifications can be given to different workers for different legal reasons.
Example: A worker e.g. with a qualification for supervising building works:
- If you have accepted him to do this work for you, it is in your legitimate interest to manage the qualification documents. Upon the departure of a worker, the legitimate interest ceases.
- By the time you first use a worker as part of a building project, registration is already a legal obligation, as you may be required to prove his qualification
- If you are not a construction / engineering firm, but e.g. a staffing agency, you only keep the qualification on the basis of the worker's consent. This consent automatically ceases when the worker leaves, unless you conclude the consent on the departure.