Write "yes" on the following text-area to display the CTA section
Any recruitment business thinking they can comfortably park the issue of GDPR for the next six or so months, hand it over to legal to come up with a miracle solution or - even worse - assume it won’t affect them needs to think again. Fast.
One thing is certain: the General Data Protection Regulation (GDPR) will become law on 25 May 2018 and will affect every business that processes people’s data.
The question every recruitment firm should be asking right now is, ‘How will the GDPR legislation affect me?”
Let’s be very clear. Unless you take action, you will be forbidden by law from May 2018 to process any data you hold on an individual without their opted-in consent.
GDPR represents a power shift. It places control in the individual’s hands to a far greater degree than under the current Data Protection Act.
Simply put, every business that either processes or controls personal data must now
And this is just a snapshot - a full set of GDPR principles defines all the legal requirements which will unfold over the coming weeks.
GDPR represents operational reform on a major scale and will require a fundamental change in the way every piece of a subject’s personal data is handled, protected and stored.
Personal data held by recruiters goes wider than you might think - far beyond just names, addresses and contact details. If you’re collecting information in cookies, or using IP addresses, for example, then that’s personal data. Implied consent to use that data is no longer enough. An individual must actively and unambiguously opt-in to agree for their data to be used and shared with a known end-destination. Ticking ‘I agree’ in the Terms and Conditions box, for example, doesn’t cut it.
At Volcanic, we are rolling out a GDPR-ready platform - starting now. Because of our extensive research into the GDPR principles, roles, responsibilities and requirements, we are well placed to help the recruitment sector navigate this legislation.
What to do first? We recommend that you don’t tackle GDPR all in one go. Start by carrying out a full assessment of your business in terms of data handling:
Hoping GDPR doesn’t apply to you is not a strategy - it’s not even an option. Check back in to read our blog post that explores our candidate-first approach to help you navigate the key GDPR requirement of Subject Access Requests.
Disclaimer: This blog sets out to share our general guidance on best practice in GDPR based on our extensive research and practical knowledge. It is not a legal document. We recommend that you seek expert legal advice before implementing your GDPR policy.