GDPR for HR

What is GDPR for HR?

GDPR for HR means handling employee personal data - contracts, salaries, performance notes - under the EU data-protection rules: a lawful basis, data minimisation, security, and employee rights like access and erasure.

HR holds some of the most sensitive data in a company, so it is squarely in GDPR scope. In practice that means a lawful basis for what you store, encryption of sensitive fields, an audit trail, and a way to honour access and erasure requests.

Where the data physically lives matters too: EU hosting avoids cross-border transfer complications.

Related terms

• Data Processing Agreement (DPA)
• Right to be forgotten (right to erasure)
• EU data residency
• Subprocessor
• HR audit log

See also

• HREvio vs BambooHR
• HREvio vs Deel