Above and beyond data protection
Remote Data Protection Guard offers industry-leading policies, processes, and controls that ensure compliance with the world's toughest privacy laws.
Personal data protection is a key consideration when selecting a global EOR provider
When it comes to collecting and storing some of the most important personal information about your company and hires--including pay figures, addresses, bank information, and government-issued IDs--you can never be too careful.
As the employer of record (EOR), Remote handles this responsibility using the most secure technology and practices available. You can rest assured that your data is safe.
%20Snippets%20Library/All%20snippets/(Approved)%20All%20snippets/broken-connect@2x.webp?width=1640&height=1640&name=broken-connect@2x.webp)
%20Icons/Icons%2024/eye_heart-icon_24.svg){kind=icon}
Remote's compliance efforts are overseen by a data protection team that actively manages compliance, reports key issues to the board, and meets regularly with 'privacy champions' in each department, from engineering to marketing.
%20Icons/Icons%2024/folder-check-icon_24.svg){kind=icon}
Remote operates a robust policy framework aligned with industry best practices, endorsed and supported by the board, and put into action by each member of staff. Our framework aims to embed data protection into every aspect of our organisation and emphasises the need to consider privacy every time a new product or service is built or changed.
%20Icons/Icons%2024/user-circle-icon_24.svg){kind=icon}
Every single member of our staff is trained and tested on data protection law and our specific privacy and security policies during onboarding and at regular intervals thereafter. Remote also provides additional department-specific training as needed. Our privacy champions raise awareness of best practices on a weekly basis.
%20Icons/Icons%2024/thumbs-up-icon_24.svg){kind=icon}
Remote is committed to fulfilling data subject rights requests in accordance with the EU General Data Protection Regulation, no matter whether such requests come from EU or non-EU residents. Our infrastructure was built to enable us to quickly and effectively scan our systems in order to action, track and log data subject rights requests.
%20Icons/Icons%2024/cloud-upload-icon_24.svg){kind=icon}
We say what we do and then we do what we say. Every processing activity. is outlined on our global website privacy policy as supplemented by various just-in-time privacy notices applicable to specific services or jurisdictions.
%20Icons/Icons%2024/warning-icon_24.svg){kind=icon}
Every single personal data processing activity, together with the lawful basis we rely on to do it, is documented in our comprehensive records of processing. The data protection team reviews these regularly together with the privacy champions in every department.
%20Icons/Icons%2024/unlock-icon_24.svg){kind=icon}
Every single personal data exchange between Remote and our clients, partners, and suppliers is subject to a binding legal data-sharing arrangement. Before any supplier is granted access to personal data, it goes through our robust vendor due diligence process. In addition, we conduct transfer impact assessments when sending information internationally and, where necessary, we or our partners implement supplementary measures to safeguard such transfers.
%20Icons/Icons%2024/folder-icon_24.svg){kind=icon}
Remote operates a number of risk registers (e.g. legal, business continuity, information security) that help us identify, record, and manage risks to personal data. All of our high-risk processing activities are subject to data protection impact assessments that are reviewed and improved on a regular basis.
%20Icons/Icons%2024/payroll-money-icon-pound_24.svg){kind=icon}
Remote is audited annually for SOC 2 compliance and our key systems are annually pen-tested.
%20Icons/Icons%2024/monitor-check-icon_24.svg){kind=icon}
Although our processes focus on breach prevention, we have processes in place to assess, manage and contain a data breach. Remote operates an in-house built breach reporting process available to every member of staff. Any incident that occurs is logged and made subject to a thorough breach assessment process, reviewed by our data protection, incident management, and information security teams.