It all comes down to trust.
Payroll companies need to collect personal data in order to process payroll. Their clients must be able to trust them to protect that data and ensure privacy.
Failure to implement high standards of security could have far-reaching consequences for payroll clients and their employees, including financial loss, identity theft, and damage to the client’s reputation.
But what happens when a company hires Deel, one of Papaya’s competitors and its employee put those standards to the test? A recent post on Reddit reveals low security standards and a total lack of responsibility.
By contrast, Papaya’s high security standards shine brightly in comparison.
The employee’s biggest complaints include:
- Login password visible in clear text, indicating a failure to apply best practices.
- The payroll company’s terms of service deny any liability “for any losses or damage arising from unauthorized use of your account or password” – a far-reaching disclaimer that claims legal protection even in the event of a security breach.
The situation left the employee wondering if he should find a new job rather than leave his personal data in the hands a payroll company he doesn’t trust.
Papaya’s High Standards for Client Data Security and Privacy
Papaya Global places the highest priority on security and has many safeguards in place to ensure that our clients’ data remains safe and private.
Securing customer data, at rest and in transit, are core requirements for any cloud-based application. Papaya operates services in accordance with known security best practices.
On the Papaya Platform, passwords would never be visible in clear text. All data under Papaya’s control is encrypted end-to-end, which means that only those who have authorized access to the data are able to see it. If anyone attempts to steal the data, all they would see is a scramble of symbols that would make no sense and would reveal nothing about the data itself.
Papaya’s data is collected through encrypted forms within the Papaya Platform, so they are never exposed to anyone who does not require access to the information. When data is transferred, it is sent through secure HTTPS channels. When it is at rest, it is stored on encrypted S3 storage.
Papaya Global is ISO 27001 certified and the Papaya Platform resides on the AWS Cloud which is ISO and SSAE 16 certified.
Papaya’s Legal Liability
Unlike Deel, Papaya’s License Agreement, which sets the terms and conditions for using Papaya’s Platform, does not offer a blanket denial of all liability in the event of a hack attack (often referred to in legal documents as “unauthorized use”).
Papaya denies responsibly only if any damage due to unauthorized access “is caused by the company, its representatives, and its employees.”
In other words, if no one from the company was involved when a hack took place, Papaya assumes liability for the damages. That means Papaya has a vested interest in preventing any type of breach and will do everything it can to avoid it.
In contrast, when a company extends its disclaimer to “unauthorized use of your account or password,” it makes no distinction between who is responsible for a data breach and takes no responsibility in any case at all. It has no urgent need to provide the highest standard of protection because it does not share in the consequences.
Get the Papaya Experience in People, Payroll, and Payment Management
Papaya offers an end-to-end solution for the total workforce, supporting all types of global workers (payroll, EoR, and contractors) in over 140 countries.
Our automated, cloud-based SaaS payroll software provides an end-to-end solution, from onboarding and people management to payroll processing to payments.
The automated platform ensures payroll compliance, provides benefit management, and ensure data privacy in compliance with GDPR. Papaya’s knowledge center provides updated information on salary benchmarks, mandatory benefits, tax rates, and more – everything you need to know before hiring overseas.
Contact us for a strategic consultation on our global workforce management platform.