Introduction

The European Union has taken a monumental step in protecting the fundamental right to privacy for every EU resident with the General Data Protection Regulation (GDPR) which will be effective from May 25, 2018. Simply put, EU residents will now have greater say over what, how, why, where, and when their personal data is used, processed, or disposed. This rule clarifies how the EU personal data laws apply even beyond the borders of the EU. Any organisation that works with EU residents’ personal data in any manner, irrespective of location, has obligations to protect their data. A Team Recruitment EA Ltd is well aware of its role in providing the right processes to support its clients and candidates and meet the GDPR mandates.

A Team Recruitments Commitment

We have always honoured our users’ right to data privacy and protection. This means that we have no necessity to collect and process users’ personal information beyond what is required for the functioning of our Services.

Over the years, we have demonstrated our commitment to data privacy and protection by meeting the industry standards for ISO 27001 and SOC 2 Type 2

 

How is A Team Recruitment preparing for GDPR?

We are gearing up to be GDPR compliant across all our applications, by the time the regulation comes into effect. As a data processor and controller, we understand its obligation to help clients and candidates get ready for the big day. We have thoroughly analysed GDPR requirements and have put in place a dedicated internal procedure to drive our organisation to meet them. Some of our ongoing initiatives are:

  • Providing visibility and transparency– The most important aspect of GDPR is how the collected data is used. As a data processor and controller, the key role is to provide our clients and candidates with the access to effectively manage and protect their user data. A Team Recruitment EA Ltd is exploring ways to provide better transparency to our candidates and clients.
  • Enhancing data integrity and security– Data privacy and data security are two sides of the same coin. A Team Recruitment EA Ltd uses industry-standard effort to safeguard the confidentiality of data, including encryption, firewalls and SSL (Secure Sockets Layer). We have implemented reasonable administrative, technical, and physical security controls to protect against the loss, misuse, or alteration of your data.
  • Portability and transferability of data– GDPR gives end users the right to either receive all the data provided and processed by the controller or delete their Information from our database.
  • Provide access controls
  • Encrypt, anonymize or delete user data
  • Perform data audits or assessments using data processing logs
  • Create provisions for data subject’s rights
  • Enhance security for user data

 

What have we done so far

  • Created a data privacy team to oversee GDPR activities and raise awareness
  • Reviewed current security and privacy processes in place & where applicable, revised our contracts with third parties & customers to meet the requirements of the GDPR
  • Identified the Personally Identifiable Information (PII)/Personal data that is being collected
  • Analysed how this information is being processed, stored, retained and deleted
  • Establish procedures to respond to data subjects when they exercise their rights
  • Establish & conduct Privacy Impact Assessment (PIA)
  • Created processes for data breach notification activities
  • Gained consent from out existing clients and candidates
  • Set up a privacy policy

What we need to do

  • We are very nearly there, we are now looking at how candidates and clients can login and change their information, update CVs or delete their data so they have full control.
  • Of course, this is a new process so there will, of course, be new things to learn and things will also change over the course of this process in time but we are fully committed to our candidates and clients and will do our best to for fill our duties