GDPR Compliance
Our Role
Under GDPR:
- You (the organization) are the Data Controller
- Monwurx is the Data Processor
We process employee data only according to your instructions and for the purposes you specify.
GDPR Features in Monwurx
Consent Management
- Built-in consent collection when employees install the client
- Consent records stored for audit purposes
- Option to require consent re-confirmation periodically
Data Subject Rights
| Right | How Monwurx Supports It |
|---|---|
| Right of Access | Employees can view their own data; admins can export on request |
| Right to Rectification | Incorrect data can be updated in employee profiles |
| Right to Erasure | Complete data deletion available via Settings → Delete Data |
| Right to Portability | Export data in machine-readable formats (JSON, CSV) |
| Right to Object | Privacy mode allows employees to pause tracking |
Data Minimization
- Configurable screenshot intervals
- Option to disable specific tracking features
- Automatic blur for sensitive content
- Custom retention periods
Data Processing Agreement
We provide a GDPR-compliant Data Processing Agreement (DPA) that covers:
- Nature and purpose of processing
- Types of personal data processed
- Our security obligations
- Sub-processor disclosure
- Incident notification procedures
Download DPA: Go to Settings → Legal → Download DPA to get a signed copy.
EU Data Residency
Enterprise customers can choose EU-only data storage:
- Data stored in Frankfurt, Germany data center
- No cross-border transfers outside EU/EEA
- Compliant with Schrems II requirements