Xoxoday Empuls supports employee consent management through privacy policy acceptance, right-to-be-forgotten requests, and optional consent signals passed via client HR integrations.
Employee Data Onboarding and the Role of the HR System
Xoxoday Empuls receives employee data through your organisation’s HR system of record. When your organisation integrates with platforms such as Workday, SAP SuccessFactors, or Darwinbox, the employee master data — names, roles, departments, and reporting structures — is pushed into Xoxoday Empuls automatically. Because the HR system owns and manages this data before it reaches Xoxoday Empuls, initial consent collection is handled within your organisation’s existing HR workflows rather than at the point of platform provisioning.Employee Privacy Policy Acceptance
Once employees are provisioned in Xoxoday Empuls, they can be presented with the platform’s privacy policy on first login. Employees have the option to accept the privacy policy before accessing any recognition or rewards features, ensuring they are fully informed about how their data is used. This step is configurable by your organisation’s administrator and aligns with standard data transparency practices across enterprise deployments.Right to Be Forgotten
Xoxoday Empuls supports the right-to-be-forgotten principle in line with data privacy regulations such as GDPR. Employees who wish to have their personal data removed from the platform can submit a deletion request through the designated process. Once actioned, the employee’s identifiable data is purged from Xoxoday Empuls records, supporting your organisation’s compliance obligations without disrupting overall programme data or aggregate reporting.Passing Consent via Integration or API
For organisations that capture consent at the HR system level — for example, through a custom consent attribute in SAP SuccessFactors or Darwinbox — Xoxoday Empuls supports an optional consent flag as part of the incoming employee data payload. When this flag is present in the integration feed, Xoxoday Empuls uses it to determine whether to activate a given employee record in the system. This means your organisation can gate platform access on a per-employee basis, directly honouring consent decisions made upstream in your HR workflow. This consent attribute is supported both through standard file-based HR integrations and via API-based pipelines. If your organisation’s integration layer already captures a consent field, no additional API development is required — the attribute maps directly to the employee activation logic in Xoxoday Empuls.Compliance Posture
Xoxoday Empuls is certified under ISO 27001 and SOC 2 Type II, providing a strong security and privacy foundation for enterprise deployments. The consent acceptance, deletion, and integration-level consent flag mechanisms described above complement this posture, giving your organisation the controls needed to manage employee data responsibly across every stage of engagement programme participation.Learn more: Empuls Help Centre — General
HR System Integrations
Connect Workday, SAP SuccessFactors, Darwinbox, and other HRIS platforms to sync employee master data automatically.
Data Privacy and Compliance
Learn how Xoxoday Empuls maintains ISO 27001 and SOC 2 Type II certification and supports GDPR data subject rights.