Is your Recruiting Data GDPR Compliant?
Non-compliance may result in fines of €20-million or 4% of worldwide revenue, whichever is greater. You need recruiting software designed for compliance.
Learn How
What is the GDPR?
The General Data Protection Regulation (GDPR) is intended to improve data protection for individuals in the EU. It regulates the way in which companies handle, store and / or process personal data. The regulation touches on all recruitment processes involving personal data from EU citizens. Most, if not all, of the information you collect or request from an EU applicant or candidate during your hiring process falls under this regulation.
What data is covered by the GDPR?
The regulation applies to the act of processing personal data, defined as “any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly indentify the person.”
Who should care about the GDPR?
All companies that conduct business in the EU are legally required to comply with the GDPR. So if you are hiring within the EU, thereby processing personal data of EU citizens, this applies to you.
What are the costs of not caring?
The GDPR requires organizations to be legally compliant in their data processing activities by May 31, 2018, or face severe fines of €20-million or 4% of worldwide revenue (whichever is greater).
Who is impacted by the GDPR?
The GDPR identifies and governs three groups that fall within business transactions, that either have personal data rights or personal data obligations under this regulation.
Data Subjects
Data Subjects are your applicants and candidates, who supply their personal data when pursuing employment opportunities with your company.
Data Controllers
You are the Data Controller, because you determine purpose, reason and type of information collected from your applicants and candidates.
Data Processors
SmartRecruiters is your data processor. Our platform serves to process the data you control and instruct us to collect as part of the hiring process.
Do you know the GDPR requirements?
Any of your data processing activities involving personal data of EU citizens must comply with these key GDPR principles to be lawfully permitted:
- Fair and lawful with transparency
- Explicitly specified
- Only what is necessary
- Current and accurate
- Limited retention
SmartRecruiters is your partner for data privacy
As your talent acquisition suite and designated data processor, we strive to offer innovative recruiting tools to manage your candidates and applicants in a way that supports your compliance objectives and caters to your hiring needs.
Compliant Hosting
SmartRecruiters offers European hosting centers for reducing the exposure of cross-border data transfers, providing our customers peace of mind for securely protecting their candidate data.
Data Agreements
SmartRecruiters fully supports the use of written Data Processing Agreements (DPA) for clarity around data processing activities and obligations.
Local Support
Customers benefit from European support and development resources with restricted data access of non-EU citizens.
Access
Customers can easily configure user permissions in the platform for access to their recruiting data, providing visibility only where needed.
Is your recruiting data GDPR compliant?
Read our SmartPaper for an in-depth overview of the GDPR and its potential impact on your recruiting data.
- What is the GDPR and who does it impact?
- How is compliance demonstrated?
- What are the specific obligations for data processing?
At SmartRecruiters, we believe hiring is success, which starts and ends with great people.
And while helping our customers propel their businesses forward by connecting with great talent, we also assist in protecting the data that is generated from your hiring activities. We are committed to helping our customers meet compliance objectives wherever their hiring activities take place.
Take the first step towards Hiring Success
