GDPR FAQ
If you have any questions related to your responsibilities or our compliance under GDPR, please see if they are answered here first
Q: Under GDPR Article 28, we are required to have a valid DPA (Data Processing Agreement) with any data processor we use. Where can we get this for Huma?
A: This is already in place! The overarching customer agreement (https://humahr.com/terms-of-service) includes a DPA (https://humahr.com/data-processing-agreement), as explicitly mentioned in ToS 1.1. This DPA is fully compliant with GDPR.
A:
- After 3 incorrect code entries, the code is invalidated and a new code must be requested.
- Code requests are rate-limited: You can request a maximum of 5 codes in 15 minutes.
- Security monitoring: We continuously monitor for repeated attempts and suspicious activity to protect your account.