Events

Over the last few weeks, you might have noticed that you’ve been receiving a lot of emails from various websites and companies you have used over the years telling you they value your safety. Or asking you to re-sign up to newsletters, check your information or more. It’s not a coincidence and they’re not doing this for purely altruistic reasons to make you feel more secure.

In fact, it’s all because one of the most important pieces of web and data protection legislations has come into force. And from now on, any business that is found guilty of non-compliance could be subjected to huge fines. It’s called the GDPR and it’s being put into place across the European Union but has wider implications that affect businesses around the world. So just what is it and how does it affect the recruitment industry?

What is GDPR and why does it matter?

GDPR stands for General Data Protection Regulation, a new piece of legislation that has been designed to standardise data safety laws across Europe. Its aim is to protect and empower EU citizens and to change the way that organisations can use and store data. It affects all businesses and residents of the EU, and anyone who handles information or data from people in these regions – which is why it is being taken seriously across the world.

It matters because up until now there has been no formal or standardised law in place to protect our data online. And as recent events involving large corporations such as Facebook have shown, we can’t always trust organisations to keep our data safe or not use it in ways that may compromise our security.

The GDPR guarantees individuals certain rights with regards to their data. This includes the right to access, which allows people the right to a copy of any information held about them on request. The right to rectification allows people to have any incorrect information held about them to be immediately amended. The right to be forgotten gives people the right to have all their information removed from data storage. Other rights include data portability, objection and restriction of processing.

Basic GDPR terms relating to recruitment

In order to have a better understanding of how the GDPR might affect specifically the recruitment industry, it’s first worthwhile looking at some of the terms you might encounter. Having a good working knowledge of these terms will help everyone in the recruitment industry keep up to speed with the changes.

Personal data – this is any information that can be used to identify a person. For recruiters, the most common forms of personal data are a candidate’s phone number, email address and date of birth.

Data subjects – refers to candidates or anyone who provides personal information to a recruiter.

Data controllers – refers to the people who control this information and decide how to process it.

Data processors – are the people who handle the data on behalf of the data controllers. This could include recruitment software.

Data processing – refers to any action performed on personal data.

Why we are ready for GDPR

According to the new guidelines, recruiters and employers have new legal responsibilities regarding how they handle this information. So you need to make sure that your privacy notice is readily available to anyone applying for a job.

There are two important stages during the recruitment process that you need to pay special attention to. First, when a candidate applies for a position you need to provide them with contact information for you or your representatives. Second, you should explain how and why you are processing their data.

After receiving applications, you need to explain why you are storing their data, how long this will be for, and provide contact information in case they want access in the future. You also need to fully explain their rights in terms of constricting access.

When sourcing information from a website, there are also several steps and measures you need to make sure are in place in order to ensure GDPR compliance. These include:

Data collection: How, why and from where you are accessing the data

Ensuring a visible privacy policy for recruiting

Sourcing candidates online with care

Informing candidates if you wish to keep their data for long

Carrying out a complete scrutiny of your existing database

Ensuring your ATS provider (application tracking system) provider is also compliant

Above all, you need to be transparent and ensure that candidates are informed in the correct way at every stage of the process.

Benefits to job seekers and employers

Although it may seem like a lot to get your head around, the GDPR has several advantages for both recruiters and potential candidates. As a recruiter, by rethinking your database you may be making some important updates that will help you to work in a more open and streamlined way. It may also give you an improved insight into how your business works.

You will become ready to receive better quality data that will help you to track and locate strong candidates. A clean database means you’ll only be holding qualified individuals on your database. It will also hopefully mean you can deliver a better candidate experience.

Also, as a candidate, you will now be safe in the knowledge that your data is being handled sensitively and securely. The new rules have been put in place to protect us all, and despite it being a time of flux, it will hopefully lead to a better industry from now on.

Conclusion

So, as of May 2018 the GDPR is here, and it is going to change the way we all work forever. But the changes were necessary, and it should be seen as an advantage rather than a headache. To find out more about how to make your business GDPR compliant and how to manage the recruitment side of things in a way that benefits everyone, get in touch with a member of our team.