Alison Owen
by Alison Owen

GDPR agencies [Updated January 2019]

Rec Marketing Blog

Write "yes" on the following text-area to display the CTA section

In this series of blogs, we at Volcanic look at the eight principles concerning candidate rights under the GDPR, for GDPR agencies. This post looks at the two principles of Subject Access Requests or SARs and the rights in relation to automated decision making


The right of access - Subject Access Requests or SARs

Individuals have the right to access their personal data and supplementary information, which gives them the opportunity to verify the lawfulness of the processing.


What does this mean for me?

  • You must provide this information free of charge within one month of receiving the request.
  • Your website’s self service candidate dashboard can not only allow every individual to make their own subject access request; it also time and date stamps the request to log and record it, and also allows fully auditable records to be produced if required.


Rights in relation to automated decision making

The GDPR provides safeguards for individuals against the risk that a potentially damaging decision is taken without human intervention. To prevent this, it is important to identify whether any of your processing operations constitute automated decision making and consider whether you need to update your procedures to deal with the requirements of the GDPR.


What does this mean for me?

  • If you use automated decision making, you must declare this as part of your fair processing information or privacy policy.
  • This can be handled by your website at the first point of contact when a new candidate registers.


Download your free guide to GDPR for recruitment agencies. Or book a demo with us today.


Recruitment marketing

Like, Share, Comment, Repeat: Nurture your social presence.

Next story
Screenshot 2019 06 07 At 15