How Purtato anonymizes data
Purtato has made anonymization available within the platform to remove or modify personally identifiable information from its employers and other users. It results in any users’ action, comments, and operation data cannot be directly connected to certain individual, keeping a data origin to be non-identifiable, unreachable, or untrackable from by its employer.
Purpose
This purpose of anonymization is to allow an individual within an organization to be able to give feedback and comment to peers and the employer without concerning that the action/content is identifiable from an individual. This creates an environment of fairness and protection to avoid any discrimination or action from others where the system digitally hides the identity of an individual. We want the receiver of the content to focus on the content instead who the individual is
Purtato wants to promote a safe-guarded environment to all individuals to speak freely and truly for employer or other individuals to listen to understand and make improvement in the workspace environment.
Pseudonymization
Pseudonymization is a data management and de-identification procedure by which personally identifiable information fields (e.g., name, staff code) within a data record are replaced by an alias or pseudonyms. A single pseudonym for each replaced field or collection of replaced fields makes the data record less identifiable while remaining suitable for data analysis and data processing. It makes personal data processing easier, reducing the risk of exposing sensitive data to unauthorized personnel and employees
Use of data
User is notified with a feature is enabled with anonymization or provided with an option to go anonymize when using a feature. All corresponding data collected will not be displayed to other users or administrator (the employer) that can directly or indirectly identified to the user. Different approaches are used in different features including but not limited to:
- Using an alias instead of the user identity.
- Replace the identity with special symbols such as (*) instead of the user identity.
- Do not provide user-level data record but only display processed data analysis in aggregated level (e.g., department, gender, age group, etc.)
- Split one transaction into multiple micro-transactions.
- Delay the realization of a transaction to avoid identifiable through time.
Our terms & condition with corporate client
Purtato has signed an agreement with organizations (client) that have subscribed to the services of Purtato employee engagement platform, which includes the following terms & conditions:
- The organization (employer) has data ownership of the record generated in the system, but anonymized data will remain anonymized and will not be de-anonymize under any circumstances.
- Any request from the organization (employer) to de-anonymize data will be rejected by Purtato team.
- The organization (employer) will not be provided any access, export function or view function to data record that is classified as ‘anonymous.
Anonymization is just one process we use to maintain our commitment to user privacy. Other processes include strict controls on user data access, policies to control and limit joining of data sets that may identify users to ensure a consistent level of protection across the platform.