Documentation‎ > ‎Modules‎ > ‎

Module: GDPR

Even if you don’t live or work in the European Union, you’re sure to have heard about the GDPR, whether as a web user or the manager of a business with ties to the EU. The General Data Protection Regulation is multifaceted and complex, so here we’ll just focus on the addition of the GDPR module in BeeBole Timesheet, and how to use it. For more information on GDPR as it relates to BeeBole in general, you can visit our GDPR info page.

Where can I find the GDPR module in my BeeBole account?

The GDPR module will appear by default in the settings page of all companies using BeeBole, regardless of location. Administrators can reach their settings page by selecting Settings in the top right corner of their account. As with all modules, the GDPR module can be minimized or dragged and dropped where you want on the settings screen.

How long will BeeBole save my company’s timesheet data?

All of your company data and timesheet data will be saved and available on the platform for as long as you choose to keep it there. Unless you delete a user or cease using BeeBole, none of this data will ever be deleted.

How long does BeeBole save other types of data, like audit trails, logs, and backups?

BeeBole ensures maximum data security and has never suffered a data loss. We perform daily internal backups, the oldest of which are deleted after 30 days. This is not to say that your data over 30 days old will be deleted, but rather that at all times BeeBole keeps the 30 most recent data backups.

We also keep internal logs where database calls are registered and used for error analysis and system optimization. The oldest of these logs are deleted after 90 days. Logs and backups are internal data that are not seen or used by BeeBole users, and their deletion won’t affect your account or use of BeeBole in any way.

In terms of audit trail data (trace data of who is recording, deleting, approving, and rejecting hours, etc.), your company has several options. If you have selected the option to save audit trail data, by default this information will be saved for 90 days and then automatically deleted. However, if you need this information to be saved longer for legal purposes, you can uncheck “Delete audit trail logs older than 90 days” in the GDPR module, and this data will be saved indefinitely.

If your company is required to comply with DCAA regulation, the option to keep audit trail data for longer than 90 days is activated by default, and cannot be deactivated. This is to ensure that your company continues to comply with DCAA regulations.

How can I delete the data of a user / employee who requests it?

If an employee requests to have their data erased from BeeBole, company administrators have two options:

On the platform, an administrator may delete a user who has not recorded any time. To delete a user that has recorded time, the administrator must send a deletion request via email to When a user is deleted, their data will no longer be visible to anyone on the platform. However, as logs, errors, and audit trails are saved for 90 days, it will take this long before all data for a user is completely erased from the back-end of BeeBole.

The name of a user may be changed, so that data can longer be associated with them. Regardless, if this user is inactive all logs of their activity will be erased after 90 days.

How can I download the data of a user / employee who requests it?

With the GDPR, users have a Right to Access. That is, a right to receive confirmation as to whether or not their personal data is being processed, as well as a copy of said data in an electronic format.

If an employee requests a copy of their data, you can download it via the GDPR module. Just select a user from the drop-down list where it says “Select the person you want to download personal data for”. Then select the type of data you would like to download: audit and log data, or timesheet related data. Your download will begin automatically.

How do I assign a data protection officer for my company?

While it is not mandatory to have a data officer, you can assign one in BeeBole’s GDPR module. Simply enter the officer’s email address in the field where it says “Enter the email of a data officer, who will be contacted in the case of a data breach”.

If there is a data breach and you have not assigned a data officer, the account administrator(s) will be contacted instead.

What happens in the case of a data breach?

In its 10 years BeeBole is yet to have a data breach, so you can rest assured that this scenario is unlikely. However, if a breach occurs your company’s designated data protection officer will be notified by email within 72 hours. If you have not designated a data officer, this email will be sent to the account administrator(s).

Didn’t find the answer to your questions?

Don’t hesitate to contact us with any questions. You can do so via the chat window inside the app, or email us at We’re happy to help!