The 25th May 2018 EU GDPR legislation always seemed a long way off. Plenty of time to get everything sorted, right? Now we’re less than 12 months away, concern is growing among business leaders in the struggle to untangle the impact of the forthcoming laws.
Recruiters store names, addresses, career history, salary information, passport details, the list goes on. To comply, it’s vital to demonstrate that you’re acting lawfully, with reason to handle personal data and with permission, control and processes in place.
Firstly, each individual must perform a clear affirmative action to give you permission to hold and process their information. Using pre-ticked website forms or assuming consent is not enough and does not constitute consent. The source must be verifiable, so you’ll need to keep records of how and when consent was given.
Individuals will have the right of access to their information free of charge and be entitled to have their data rectified if inaccurate or incomplete – or to be removed completely. If you have shared information with third parties then you must also inform them of the changes and be able to inform the individual about the organisations with whom their data has been shared.
This all points to having diligent practices, getting your CRM and marketing software right and making sure there are no ‘gaps’ in your processing. To protect yourself, start by understanding your processes today. Having that platform will help you get your teams ready and for your partners and suppliers to support you.
At Microdec, we are taking extensive steps to help our clients prepare for GDPR. For more information, please complete the Contact Us form and put GDPR in the comments box.