At Recruitee, we worked hard to prepare for the EU General Data Protection Regulation (GDPR) to ensure that we fulfill its obligations and maintain transparency about candidate messaging and how we use data.
Here’s an overview of GDPR and how we prepared for it at Recruitee:
The GDPR is a comprehensive data protection law that came into effect on May 25, 2018. It replaced existing EU law to strengthen the protection of “personal data” and the rights of the individual. It's a single set of rules which governs the processing and monitoring of EU data.
Does it affect me?
Yes, most likely. If you hold or process the data of any person in the EU, the GDPR will apply to you, whether you’re based in the EU or not.
How Recruitee prepared for GDPR
Our teams worked hard to ensure we complied with GDPR. This was a massive overhaul of processes and workflows to make sure we met our legal obligations and did the best thing for our customers, while still allowing us to move fast, scale, and build a great product.
Here are the main things we did:
We appointed a Data Security Officer and Legal Counsel
We have carefully selected an officer that has a deep understanding of our business and industry. From day one, they have been involved in various projects dedicated to GDPR compliance. One foundation we have laid together is having all Recruitee employees and all our business partners sign confidentiality agreements. Our Data Security Officer and Legal Counsel will continue to play an essential role in our product development.
We built new features
By including the legal aspects early on, we have been able to develop the new features at speed. One of the core GDPR features anonymizes candidates’ personal information, allowing full reporting of old candidate profiles you no longer hold. Another one lets you control how long you want to keep candidate data. There is also a feature allowing candidates to make requests when they want to access, remove, or correct their data in your database in Recruitee.
They are all part of the new framework we have devised with GDPR being the focal point. We view this as the basis for all our business activities. If you want to know more about this new framework, please contact us at firstname.lastname@example.org.
Feel free to reach out to us in the messenger if you have any questions about GDPR - we’d be happy to chat with you about it.