Skip to content

Data Protection & Privacy Compliance

At WebWork, the security and privacy of your data are a top priority. WebWork Time Tracker is compliant with the major data protection regulations that apply to our customers — GDPR (EU), HIPAA (US healthcare), and CCPA (California). This page is a quick overview and the place to start if you need to exercise your privacy rights or request a Business Associate Agreement.

GDPR Compliance

WebWork complies with the EU’s General Data Protection Regulation (GDPR). We only collect the data that is necessary to deliver the service you pay for, and we protect it across our entire infrastructure (hardware and software).

For the full statement of our GDPR program, see WebWork’s GDPR page. For details on what data we collect and how we use it, see our Privacy Policy.

How to request deletion of your data

To file a data deletion request, or for any other question about how your data is used, contact:

HIPAA Compliance

WebWork Time Tracker complies with the Health Insurance Portability and Accountability Act (HIPAA), as amended by the HITECH Act and all associated regulations. We offer a Business Associate Agreement (BAA) to support compliance for healthcare organizations and their business associates.

For the full statement, see WebWork’s HIPAA page.

How to request a signed BAA

If your organization requires a signed BAA, please contact our support team.

CCPA Compliance

WebWork complies with the California Consumer Privacy Act (CCPA). California residents can exercise the following rights over their personal information:

  • Right to Know — what personal information we collect about you
  • Right to Delete — request deletion of your personal information
  • Right to Non-Discrimination — exercise your privacy rights without facing any penalty or reduction in service

To exercise any of these rights, email our Data Protection Officer at [email protected]. For the full statement, see WebWork’s CCPA page.

Ongoing Commitment

Compliance is an ongoing process. We continuously review and improve our data-protection measures to keep pace with regulatory requirements — and to keep your trust.

Was this article helpful?