The EU's General Data Protection Regulation (GDPR) has changed the handling of personal data since it came into force in 2018. For the recruitment industry, this is an important change, and compliance with these rules is essential to protect the privacy of individuals. Here are three essential tips to safely navigate the GDPR framework in recruitment.
What is GDPR and how does it affect the recruitment industry?
GDPR, the European Union's General Data Protection Regulation, replaced the Personal Data Act (PUL) and changed the way companies process and protect personal data. These rules govern which data may be recorded, who may access it and how long it may be stored.
The aim is to give individuals control over their personal data. Breaches caused by a company's incorrect handling of that data can lead to fines of up to 20 million euros or four percent of the group's turnover.
Handling of Personal Data in Recruitment
Personal data is any information that can be linked to an individual, including name, address, contact details, CV and cover letter. An important rule is that no personal information may be stored without clear consent or another legal basis.
Such a legal basis may be that the person has entered into an agreement, such as in the case of employment. As an employer, you can store information based on the employment contract.
Practical measures for GDPR-compliant recruitment
In the recruitment process, you must ensure the security of the personal data you handle. This means reviewing the access, storage location, sharing and retention period of candidate data. Candidates have the right to request deletion of their data at any time.
Complying with the GDPR is a fundamental obligation for anyone working in recruitment. It is not only a legal requirement but also an ethical obligation to ensure that candidates' privacy is respected throughout the recruitment process.
By carefully following the GDPR guidelines, recruiters can ensure smooth, responsible and lawful handling of personal data throughout the process.
Higher – a 100% GDPR and Schrems II compliant recruitment tool
Higher is developed to be compliant with GDPR and the addendum called Schrems II, so that anyone who recruits in the recruitment tool Higher can feel safe that they handle personal data according to law. In contrast to having sensitive information sitting in emails out of your control, Higher automatically deletes personal data after two years, and you can feel safe that no unauthorized person has access to the data. Higher thinks of all this so you don't have to!
Author: Nicklas Wikblad
Reviewer: Moa Jacobsson