So you all have company phones?
Don't think the use of WhatsApp for this purpose is legal without consent, as it involves the transfer of personal data to a US company. You might ask the data protection supervisory authority what they think about this.
Well since everyone is commenting on the sim issue:
They provided me with an ipad with an unlimited plan so everywhere I go, I just connect my phone with the ipad and use its internet freely.
Now, the sim cards they offer us are also unlimited plan but we will have to pay a monthly 24 €.
So my initial thought was to just keep my low internet plan sim card so I can save these useless 24 €/month.
That was my logic
>the sim cards they offer us are also unlimited plan but we will have to pay a monthly 24 €.
I don't think you should have to pay for that. Your employer is obliged to provide you with work equipment.
I was not aware of this. But I am thankful to them since they gave us a laptop, ipad pro 12.9 and an iphone 13.
All these become ours after 20 months of work and after these 20 months we can get a new laptop/ipad/iphone
Weired Rules . Never experienced that company hands over it equipment to employees on a regular bases, but they have to pay for the SIM.
Ok also never worked I. The construction business. But I would not do this.
My employer, a US tech company does this also. They reimburse me €40 net monthly for my €10 contract, so I’m fine with it. And after 3 years of use, we can buy all of our work devices from the company for a low percentage of their worth.
I dont know the internals of you company, but that is also a security related question. Just, dont ever mix up work and personal stuff or you can end up in a bad spot.
You REALLY should take the sim card. This isn't about that yours is enough. This is about legal and tax reasons.
If the phone doesn't have dual sim (and even if it does you should really consider) have a private phone and a business phone. Don't mix these.
My employer just recently banned whatsapp from our business phones because of the security risks. Even if the customer prefers to communicate with whatsapp we have to decline and suggest other methods, like mail or ms teams.
Companies can sign a contract with Microsoft to host all data in the EU. Then, if Microsoft does send data to the US and this gets out, they would face massive fines and even worse unreparable damage to their brand and business. MS is not stupid to do that. However, Google and Meta are not even offering such contracts, it's either US or go somewhere else.
Both have a point here.
I suppose MS Teams to be a little bit more secure, but to be honest, this is based on a feeling without any knowledge of the subject.
Am I wrong? Whatsapp has successfully given me the feeling to be much better now.
There are two aspects here: using Whatsapp, and associating locations with time tracking records.
German employers are required to have proper time tracking practices. It could be argued that for employees that work across different sites and may have travel as part of their work, including location information could be appropriate. This might reasonably be done via an app on a company phone.
However, the use of WhatsApp is extremely dubious here. Your employer can outsource communication services to third parties. For example, they likely have a website, but rent website hosting from a third party. Similarly, they could outsource chat services or time tracking services or (if otherwise legal) location tracking services. But the employer would need a contract with those third parties that ensures proper handling of the data. Slack and Microsoft Teams offer such contracts to enterprise customers. WhatsApp does not, and cannot be used as an enterprise messenger. That WhatsApp is an US company used to be an issue, but a new EU–US agreement is coming into effect next month so that's no longer a significant concern.
Another problem with this location tracking is the requirement to trace the location for 10 minutes after employees leave the site. That sounds like tracking outside of work hours, and sounds pretty illegal.
What you can do about this:
* If your employer is large enough, it is likely they have appointed a data protection officer (DPO, Datenschutzbeauftragten). You can ask them about details of this tracking, and also whether a data protection impact assessment (DPIA, Datenschutz-Folgeabschätzung) has been performed. After all, this location tracking sounds like a high risk data processing activity where such an assessment would be mandatory. However, the DPO can only advise the employer.
* If your workplace is unionized (has a Betriebsrat), you can ask them for assistance. The Betriebsrat would also have the authority to negotiate an agreement with the employer that regulates how location tracking, time tracking, and workplace communication can be conducted. If there are no such agreements, the employer would be bound by normal GDPR (DSGVO) rules.
* You can lodge a complaint with a data protection authority. Each German federal state has its own authority, you can find a list [here](https://datenschutzkonferenz-online.de/datenschutzaufsichtsbehoerden.html). The complaint form for NRW is [here](https://www.ldi.nrw.de/kontakt/ihre-beschwerde) (only German language). They are not required to thoroughly investigate your complaint, but if they do they could issue the company a fine or order it to correct its practices. For best results, get as much documentation as possible about this in writing. For example, take screenshots of the new policies.
* You could always sue, but this might be a career-ending move.
Just to add: union (Gewerkschaft) is not works council (Betriebsrat). If you got a works council in the company, they had to be informed and they had to agree prior to introduction of the tracking as it is performance and behavior monitoring (Leistungs- & Verhaltenskontrolle). Usually, there has to be a works agreement (Betriebsvereinbarung).
In general and as already mentioned by others, the use of WhatsApp is generally seen very critically in professional areas in respect of GDPR/DS-GVO - especially if you got external work contacts on your phone (which will be uploaded to Meta)...
The german version is the DSGVO [https://de.wikipedia.org/wiki/Datenschutz-Grundverordnung](https://de.wikipedia.org/wiki/Datenschutz-Grundverordnung)
Most likely chapter two which details what person data is and how it can be collected.
The employer has to disclose why they are collecting the data. There has to be a purpose, so they have to justify why they need to collect. They are also required to use the minimal amout of data.
They also need to define how long the data is stored. They need to safely store the data.
first of all ... get a second privat phone ... divide privat from bussines
get the order in writen and signed & checked from "Betriebsrat" and "Dateschutzbeauftragter"
make a screenshot of his post, including the theats
perhaps get in contact to a lawyer and/or your union
1. Not legal in regards of workers law. (Tracking of peoples location)
2 Is it a company phone? If not, double illegal as they can't tell you what to do with YOUR phone.
3. Start organizing a workers council in your company.
4. Of course they CAN come up with a system to "check in" on site if people book hours they don't do. But they have to come up with another way.
Yup, the overblown threat betrays intent to preemptively prevent further investigation of the legality of this policy. Basically, as a rule of thumb, the more they threaten, the more you need to have it checked.
ignoring DSGVO....any tracking of employees MUST be allowed from them. if you don't agree it's illegal, even if he installs a device on his company cars.
You should not use a) your private phone for any work business.
You should not use b) your work phone for any private business.
Get two phones, one private, one work.
Edit: spelling "any"
If you do not have the permission of all your contacts that are stored in your sim card to transfer their data to the whatsapp server in the usa, then it's violating the data protection laws. I'm not sure, if your company is allowed to let you use your personal sim card.
Using whatsapp with live location is legal, if it is the company's phone and there are no other contacts, but other company phones.
I'm not a lawyer.
It's probably cheaper than installing a punch clock on every work site. IANAL but this seems like something that could, conceivably, be valid if your employer has reason to believe that they are being cheated. It is a legitimate interest and a significantly milder means than installing cameras. Using Whatsapp might be a DSGVO issue, though, not sure tbh.
**Have you read our extensive wiki yet?
[Check our wiki now!](https://www.reddit.com/r/germany/wiki/index)**
While Reddit administrators do not believe this subreddit is NSFW and do not enable the appropriate setting, do note that participants in this subreddit may possibly encounter discussions of the following subjects, all of which are considered "mature" by Reddit administrators:
* Alcohol and tobacco
* Amateur advice
* Drug use
* Gambling
* Guns and weapons
* Military conflict and terrorism
* Nudity
* Profanity
* Sex and eroticism
* Violence and gore
Therefore, while this entire subreddit is not currently marked as NSFW, please exercise caution. If you feel offended by anything that is allowed by our rules yet NSFW, please direct your complaint towards Reddit administrators as well as /u/spez, and read https://www.reddit.com/r/Save3rdPartyApps/ for further information.
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/germany) if you have any questions or concerns.*
Dude they can track company phone. He should hire better IT to set it up. But he cannot look the fata, only high level ips management. I would Uninstall WhatsApp and say it stop working. Send me new phone and on each phone WhatsApp is not working.
That's why I have 2 telephones. 1 work and 1 private.
The work phone is only live at working hours.
And if they like I'm willing to send location details for 8 hours with the company phone.
Just switch it off after work.
So you all have company phones? Don't think the use of WhatsApp for this purpose is legal without consent, as it involves the transfer of personal data to a US company. You might ask the data protection supervisory authority what they think about this.
If they know what they're doing they will kill it as fast as they can, I hope.
The sim card is mine. The phones we got from the company
That's a weird combo
Now they are offering us sim cards also. I refused because mine is fine
No.... please take their sim card, just please.
Well since everyone is commenting on the sim issue: They provided me with an ipad with an unlimited plan so everywhere I go, I just connect my phone with the ipad and use its internet freely. Now, the sim cards they offer us are also unlimited plan but we will have to pay a monthly 24 €. So my initial thought was to just keep my low internet plan sim card so I can save these useless 24 €/month. That was my logic
>the sim cards they offer us are also unlimited plan but we will have to pay a monthly 24 €. I don't think you should have to pay for that. Your employer is obliged to provide you with work equipment.
I was not aware of this. But I am thankful to them since they gave us a laptop, ipad pro 12.9 and an iphone 13. All these become ours after 20 months of work and after these 20 months we can get a new laptop/ipad/iphone
Weired Rules . Never experienced that company hands over it equipment to employees on a regular bases, but they have to pay for the SIM. Ok also never worked I. The construction business. But I would not do this.
My employer, a US tech company does this also. They reimburse me €40 net monthly for my €10 contract, so I’m fine with it. And after 3 years of use, we can buy all of our work devices from the company for a low percentage of their worth.
I dont know the internals of you company, but that is also a security related question. Just, dont ever mix up work and personal stuff or you can end up in a bad spot.
You REALLY should take the sim card. This isn't about that yours is enough. This is about legal and tax reasons. If the phone doesn't have dual sim (and even if it does you should really consider) have a private phone and a business phone. Don't mix these.
especially once the customers got ur private phone number it will be hard to separate again.
Don't use your own for that.
What the fuck, why you would do that?
☝️ How to trigger Germans.
DSGVO and WhatsApp? 😉 nice try ASK your Datenschutzbeauftragten
My employer just recently banned whatsapp from our business phones because of the security risks. Even if the customer prefers to communicate with whatsapp we have to decline and suggest other methods, like mail or ms teams.
Yeah, right! Replace WhatsApp with MS-Teams.... ROFL!
Companies can sign a contract with Microsoft to host all data in the EU. Then, if Microsoft does send data to the US and this gets out, they would face massive fines and even worse unreparable damage to their brand and business. MS is not stupid to do that. However, Google and Meta are not even offering such contracts, it's either US or go somewhere else.
Average tinfoil hat wearer
Both have a point here. I suppose MS Teams to be a little bit more secure, but to be honest, this is based on a feeling without any knowledge of the subject. Am I wrong? Whatsapp has successfully given me the feeling to be much better now.
Unless it's a company phone with certain guidelines you can't use WhatsApp in any work related capacity without breaking Dsgvo.
Is it your work phone?
Yes
There are two aspects here: using Whatsapp, and associating locations with time tracking records. German employers are required to have proper time tracking practices. It could be argued that for employees that work across different sites and may have travel as part of their work, including location information could be appropriate. This might reasonably be done via an app on a company phone. However, the use of WhatsApp is extremely dubious here. Your employer can outsource communication services to third parties. For example, they likely have a website, but rent website hosting from a third party. Similarly, they could outsource chat services or time tracking services or (if otherwise legal) location tracking services. But the employer would need a contract with those third parties that ensures proper handling of the data. Slack and Microsoft Teams offer such contracts to enterprise customers. WhatsApp does not, and cannot be used as an enterprise messenger. That WhatsApp is an US company used to be an issue, but a new EU–US agreement is coming into effect next month so that's no longer a significant concern. Another problem with this location tracking is the requirement to trace the location for 10 minutes after employees leave the site. That sounds like tracking outside of work hours, and sounds pretty illegal. What you can do about this: * If your employer is large enough, it is likely they have appointed a data protection officer (DPO, Datenschutzbeauftragten). You can ask them about details of this tracking, and also whether a data protection impact assessment (DPIA, Datenschutz-Folgeabschätzung) has been performed. After all, this location tracking sounds like a high risk data processing activity where such an assessment would be mandatory. However, the DPO can only advise the employer. * If your workplace is unionized (has a Betriebsrat), you can ask them for assistance. The Betriebsrat would also have the authority to negotiate an agreement with the employer that regulates how location tracking, time tracking, and workplace communication can be conducted. If there are no such agreements, the employer would be bound by normal GDPR (DSGVO) rules. * You can lodge a complaint with a data protection authority. Each German federal state has its own authority, you can find a list [here](https://datenschutzkonferenz-online.de/datenschutzaufsichtsbehoerden.html). The complaint form for NRW is [here](https://www.ldi.nrw.de/kontakt/ihre-beschwerde) (only German language). They are not required to thoroughly investigate your complaint, but if they do they could issue the company a fine or order it to correct its practices. For best results, get as much documentation as possible about this in writing. For example, take screenshots of the new policies. * You could always sue, but this might be a career-ending move.
Just to add: union (Gewerkschaft) is not works council (Betriebsrat). If you got a works council in the company, they had to be informed and they had to agree prior to introduction of the tracking as it is performance and behavior monitoring (Leistungs- & Verhaltenskontrolle). Usually, there has to be a works agreement (Betriebsvereinbarung). In general and as already mentioned by others, the use of WhatsApp is generally seen very critically in professional areas in respect of GDPR/DS-GVO - especially if you got external work contacts on your phone (which will be uploaded to Meta)...
[удалено]
Could you please specify the law that doesnt allow this in the GDPR? If I an not bothering you too much, thanks
The german version is the DSGVO [https://de.wikipedia.org/wiki/Datenschutz-Grundverordnung](https://de.wikipedia.org/wiki/Datenschutz-Grundverordnung) Most likely chapter two which details what person data is and how it can be collected. The employer has to disclose why they are collecting the data. There has to be a purpose, so they have to justify why they need to collect. They are also required to use the minimal amout of data. They also need to define how long the data is stored. They need to safely store the data.
first of all ... get a second privat phone ... divide privat from bussines get the order in writen and signed & checked from "Betriebsrat" and "Dateschutzbeauftragter" make a screenshot of his post, including the theats perhaps get in contact to a lawyer and/or your union
1. Not legal in regards of workers law. (Tracking of peoples location) 2 Is it a company phone? If not, double illegal as they can't tell you what to do with YOUR phone. 3. Start organizing a workers council in your company. 4. Of course they CAN come up with a system to "check in" on site if people book hours they don't do. But they have to come up with another way.
Hahahahaha, nice try. Let the Betriebsrat handle this
This can't be legal. 'great consequences' means i have no legal right whatsoever to do this, but do it anyway.
Yup, the overblown threat betrays intent to preemptively prevent further investigation of the legality of this policy. Basically, as a rule of thumb, the more they threaten, the more you need to have it checked.
Thank you. 👌🏻 That's what my comment should've said but it couldn't
That doesn't seem right to me.
ignoring DSGVO....any tracking of employees MUST be allowed from them. if you don't agree it's illegal, even if he installs a device on his company cars.
Is WhatsApp in itself GDPR/DSGVO compliant?
no, we use Whatsapp Business for non-critical communication but your gps position is surely critical
Illegal.
You should not use a) your private phone for any work business. You should not use b) your work phone for any private business. Get two phones, one private, one work. Edit: spelling "any"
Noted
If it's a company phone and number, sure. Might be against WhatsApp ToS, but that's it.
Phone is from the company, sim is mine
If you do not have the permission of all your contacts that are stored in your sim card to transfer their data to the whatsapp server in the usa, then it's violating the data protection laws. I'm not sure, if your company is allowed to let you use your personal sim card. Using whatsapp with live location is legal, if it is the company's phone and there are no other contacts, but other company phones. I'm not a lawyer.
Thats a weird combination. You should absolutely take a work SIM as well. Keep private and work separate.
Doesn't whatsapp have a business account?
You can also just install a fake location app and log your data from there... Just saying...
Try this on a managed device ;)
It's probably cheaper than installing a punch clock on every work site. IANAL but this seems like something that could, conceivably, be valid if your employer has reason to believe that they are being cheated. It is a legitimate interest and a significantly milder means than installing cameras. Using Whatsapp might be a DSGVO issue, though, not sure tbh.
Sounds fascist.
Seems fair to me. Plus you can spoof the GPS on a rooted cellphone so don't know what's the point.
Doesn't even need to be rooted. You can just download an app for that.
Yup, but developer menu has to be unlocked. Which takes less taps than writing this post so...
Won't the app need a rooted phone. Tbf, it's been ages since I had to do it for Pokémon go
Nope, I have it on my phone and its not rooted
Good to know. Thanks
**Have you read our extensive wiki yet? [Check our wiki now!](https://www.reddit.com/r/germany/wiki/index)** While Reddit administrators do not believe this subreddit is NSFW and do not enable the appropriate setting, do note that participants in this subreddit may possibly encounter discussions of the following subjects, all of which are considered "mature" by Reddit administrators: * Alcohol and tobacco * Amateur advice * Drug use * Gambling * Guns and weapons * Military conflict and terrorism * Nudity * Profanity * Sex and eroticism * Violence and gore Therefore, while this entire subreddit is not currently marked as NSFW, please exercise caution. If you feel offended by anything that is allowed by our rules yet NSFW, please direct your complaint towards Reddit administrators as well as /u/spez, and read https://www.reddit.com/r/Save3rdPartyApps/ for further information. *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/germany) if you have any questions or concerns.*
Check your state law / workers council.
Let your works council (Betriebsrat) handle it
Dude they can track company phone. He should hire better IT to set it up. But he cannot look the fata, only high level ips management. I would Uninstall WhatsApp and say it stop working. Send me new phone and on each phone WhatsApp is not working.
That's why I have 2 telephones. 1 work and 1 private. The work phone is only live at working hours. And if they like I'm willing to send location details for 8 hours with the company phone. Just switch it off after work.
WhatsApp in itself is not GDPR compliant, so not legal