Which GDPR principles are important for your website?

Ensuring your recruitment website works for you will help data management and protect candidate rights 

 

There are eight principles concerning candidate rights under the GDPR. This post looks at the right to be informed and the right to rectification and which GDPR principles are important for your website. 

 

The right to be informed

The recruiter’s obligation to provide ‘fair processing information,’ typically through a privacy notice. We recommend that you review your current privacy policies and bring them up to date before the new data protection bill becomes law. They will need to be updated in line with the GDPR, and the Privacy Directive will be specific in this messaging.

 

What does this mean for me?

  • The onus is on the recruiter to inform individuals of their right to object at the first point of communication - and this can be handled automatically by your website.

  • Version control is important when adding and updating your privacy policies, to support pre and post Privacy Directive messaging as well as show which version of your policy the individual has consented to. This will give accurate data logging and audit control.

 

The right to rectification

The GDPR gives individuals the right to have the personal data corrected. If you have disclosed the personal datato third parties, you must inform that third party of these changes - where possible. You must also inform the candidates about the third parties to whom the data has been disclosed.

 

What does this mean for me?

  • You must respond to the request and action it within one month.

  • Your website can handle this for you as long as the candidate can access a self-service dashboard that allows the individual to login and manage their own data as they wish. 

Download your free guide to GDPR for recruitment agencies.