GDPR for Employees of Square Sellers
If you are a EU resident and are an employee of a business, under the GDPR (the new General Data Protection Regulation standardising EU data privacy and protection laws that comes into effect on 25th May 2018), you are entitled to make a data request from that business.
Take a look at Square’s GDPR FAQs for information on the GDPR and how it may apply to you.
Businesses that use Square are classified as data controllers of their employees’ data under the GDPR. If you have queries about the personal data that a Square seller holds about you, you should ask that Square seller to supply you with the information you need.
Under the GDPR, EU-resident individuals are entitled (subject to certain limits) to request the following from their employers:
If they hold any personal data about you and if yes, what information about you is being held;
To have any inaccuracies in the data corrected;
To have information erased;
To object to direct marketing or to processing of their personal data;
To restrict the processing of their information, including automated decision-making (i.e., a decision made solely by automated means without any human intervention) or profiling (i.e., automated processing of personal data to evaluate certain things about an individual); and
Data portability (to have data provided in a portable form to the individual requesting it or to have data sent to a third party at an individual’s request).
The Information Commissioner’s Office is the UK’s independent authority which oversees the data privacy rights of individuals. You can visit the Information Commissioner’s Office website to find helpful information about your data protection rights.
This article is intended to offer helpful guidance, and should not be interpreted as legal advice. You should consult a legal expert regarding your rights under GDPR.