Skip to content
  • There are no suggestions because the search field is empty.

GDPR FAQ

If you have any questions related to your responsibilities or our compliance under GDPR, please see if they are answered here first

Q: Under GDPR Article 28, we are required to have a valid DPA (Data Processing Agreement) with any data processor we use. Where can we get this for Huma?

A: This is already in place! The overarching customer agreement (https://humahr.com/terms-of-service) includes a DPA (https://humahr.com/data-processing-agreement), as explicitly mentioned in ToS 1.1. This DPA is fully compliant with GDPR.

Q: When logging in to Huma with a code from email. How many times can a code be entered incorrectly before lockout?

A:
  • After 3 incorrect code entries, the code is invalidated and a new code must be requested.
  • Code requests are rate-limited: You can request a maximum of 5 codes in 15 minutes.
  • Security monitoring: We continuously monitor for repeated attempts and suspicious activity to protect your account.