Here are four easy steps towards GDPR compliance

It's 2018, the year of General Data Protection Regulation (GDPR). And Congratulations, you’ve survived! 

It’s now the calm after the storm, or is merely just the calm before the storm? Businesses were scrambling just a few weeks ago trying to be GDPR ready. Now that the General Data Protection Regulation has gone into effect, all is quiet as if nothing happened, but GDPR is alive and here to stay...
 

Did you know that fines for violating the new regulation can go up to €20 million or up to 4% of the company’s global revenue? Whichever is higher. If GDPR had been in effect years ago, companies like Yahoo and Ebay would have faced huge fines. It’s no surprise the LA Times took extreme measures and completely restricted access to their website for those in Europeans countries. As long as you're gathering and processing data from anyone in the EU, residents, citizens or even tourists, the law and fines apply to you.


If you’re a hiring manager or someone in staffing and recruiting, have you managed to get your recruitment processes GDPR compliant?

We at Happo launched a bunch of new features tied to making your recruitment easy in the new era of the European General Data Protection Regulation.

Here are 4 easy steps that can help with compliance:

1.    Sign up for an Applicant Tracking System (ATS) such as Happo

 

Using an ATS helps keep your processes in one platform. Happo puts all your candidates in one streamlined pipeline so that you no longer have an inbox or spreadsheet full of personal and sensitive information. With GDPR in effect, Europeans have more control over their personal data and their rights to privacy, so seeing all your applications in one place will make it easy for you to handle their data should a candidate ask to have a look, make changes or ask to have it removed altogether. 

‍Photo by Fernando Brasil on Unsplash

2.    Sign a Data Processor Agreement (DPA)

When you start using Happo, we’ll have you e-sign a Data Processor Agreement (DPA) between Happo and your business to clarify the roles of Data Controller and Data Processor. Our Data Processing Agreement explains everything around your data in Happo, what we do with it, what rights you have, what security measures we take, and everything else that might come with it.

You’ll just have to fill in the email address of an authorized signatory, typically a CEO, COO, DM, CFO, or a board member, and they’ll receive the document in their email to virtually sign.

You will also enter your registered company name in order for us to correctly handle and sync all your company processes. A registered company name would be something like Happo Group AB, The Walt Disney Company, Alphabet Inc.


3.   
Add your own privacy policies and terms and agreements for applicants to agree to when applying for your job.

 

Managing hiring processes will automatically put you in a position to deal with personal and sensitive information. With GDPR, you will need the candidate’s consent to store and process their data and therefore, Happo makes it easy for you upload your own documents for candidates to read and agree to when applying for a position.

 

You can easily upload or link them to Happo and access them at any time when creating an online application for your candidates.

 

4.    Set candidate data to automatically delete

 

You shouldn’t keep data forever. 

By default, all candidate data in Happo will be saved until the position or the specific candidate is deleted. Be in total control on how you handle data and set your own retention routines. Choose what data you want to keep and how long you want to keep it until it’s deleted.

If you want to keep a candidate's information longer than the candidate provided consent for, you can easily ask for consent through Happo.

Of course, this post is by no means a form of legal advice, but simply our opinion based on our lawyer. If you must comply with GDPR, you should consult with your own legal advisor on best practices under the new law.

 

Handling your hiring processes in a GDPR compliant way may sound intimidating, but its a matter of putting the right tools in place when you start your hiring processes.

 

If you aren’t a customer yet and you’re looking for a better way to manage GDPR compliance as well as your recruiting process, we’d love to talk.

 

 Feature photo by Jake Hills 


About the author


Jante Diaz

You might also like...

The recruitment tool you need

Modern. Streamlined. Easy-to-use.

Learn more

TRUSTED BY