aisling 999 wrote: » Hi all, long story but I ended up in mediation with a work colleague. She produced a copy of an old contract that I had years ago, that I had no idea she had or should have had. Have spoken to manager about this, but is there any thing else I should be doing. Thanks
Ohmeha wrote: » There is absolutely no justifiable reason for any colleague of yours to be in possession of on old contract of yours, all employment contract records should only be stored by your HR department I would suggest if you have a Union run the series of events by them and seek best advice. If you're not in a union and have already spoken to your manager await response from your manager but if you feel their response is not satisfactory you will ultimately have to decide if you feel it's required for pursuing an escalation to your HR department
Jim2007 wrote: » We don't even know if it was a in fact a breach... it was a company document, she is an employee and while you may not think that she should have access that does not mean that the company has broken the law in any way. What is your objective? You have made a complaint to management, was the outcome acceptable or not? If you make a complaint to the data commissioner, it will kick of an unwelcome inquiry with your employer... if you loose the complaint, who will you feel about it and what will your future relationship with your employer looking like? if you win, your employer gets a rap on the knuckles, may be pays a fine and then what, how do you see your relationship with your employer then?
Prominent_Dawg wrote: » Am I the only one wondering what the colleagues reason for having it was?
_Brian wrote: » Employees having access to documents about other employees when there is no business need is indeed a gdpr breach.
Jim2007 wrote: » And as I pointed out in my original post, we don't know the context nor even if it is a breach of the law.
Strumms wrote: » If the employee came into possession of it without authorization it’s a breach, theft. If the employer enabled the employee and authorized him to take it without a legitimate business reason it’s a breach of GDPR.
Esse85 wrote: » What if a company has contracts that include salary details, copies of drivers licence, and head shot photographs of employees stored on the cloud with no security and available for all to see?
Jim2007 wrote: » But you don't know any of this, the is the point. Until have factual information about the situation, your opinion is as useful as a chocolate tee pot.
Strumms wrote: » .... In a company the only people who should have access to my contract are management, HR & legal... line colleagues, the cleaners, receptionist and whoever else are just not entitled to see it. If they are given it, asked to go get it, told to read it it’s inappropriate and wrong.
Strumms wrote: » We know that the employee came into possession of another employees contract...
Strumms wrote: » We know that the employee came into possession of another employees contract...that they shouldn’t have procured it and they shouldn’t have been given it or taken it.
Mrs OBumble wrote: » In many small companies the receptionist performs some functions that an HR department would if it existed.
Jim2007 wrote: » No you don't. You don't know what was being discussed at the time and you don't know if the person should have had a copy and you don't know the company business. All you actually know is that the OP was unhappy to find out that this person had access to a copy of a contract. For all you know it could be a management consulting company where it is common for all sales guys to have access to CVs etc... because they will be submitting them in proposals to clients etc.... Making so may assumptions on such little information is nonsense.
Strumms wrote: » Your post is nonsense, there is not one reputable company sending their employee CVs or contracts to clients or prospective clients... an information pack of relevant information about an employee is fine... a CV, with work history, contact/personal information, college details... to customers? Get a grip, data protection forbids it... anyone trying that is widening their door to a massive lawsuit.