Once you have employees, you will keep a personnel file on them and process the data from the employees in the course of payroll. Through this processing of data, employees also fall under the GDPR.
What else to keep in mind here is that you will probably not only process “normal” personal data from your employees, but also so-called special categories of personal data, such as the religious affiliation of your employees in order to be able to give them time off on the various holidays, or also the trade union affiliation, cf. Article 9.
These special categories of personal data also deserve special protection, as significant risks to fundamental rights and freedoms may arise in connection with their processing, e.g., publication of religious affiliation may lead to discrimination or harassment of a particular employee.