What about the new GDPR?

by Kevin Rebsdorf

October 10, 2017

On May 25 2018, the new EU General Data Protection Regulation (GDPR) will be enforced. This of course has an impact on the way you work with application/CV management. There are no real surprises and big changes in the way you are supposed to process personal data, but now you can be fined for not doing it correctly. At the same time the rules have been standardized across the EU. This means the requirements for processing data when managing applications has to be met.

What are the requirements?

It means you have to live up to GDPR. So what is it you have to be aware of? The most important things are:

  • You must inform the candidate about how you are using the data, and make sure you process it legally
  • The consent must be clear, and you must inform the candidate about how to recall the consent
  • You may only collect the data that is relevant
  • You must have a plan in case of a security breach
  • You can only process the data as long as you have really good reason to do so
  • You must process the data securely
  • You are responsible for third parties processing the data legally

So if you are still managing your application through an e-mail account you’ll have a problem. When receiving the application, the candidate hasn’t given its consent correctly which is a problem. In theory you can’t receive an application on paper anymore.

YoungCRM vs. GDPR?

We have been working with the new GDPR for quite some time now. This means that YoungCRM is build to live up to all the requirements. Here are some examples:

  • Your YoungCRM account is created with terms that meets all the requirements for giving a consent. The terms includes information on how the data is handled and for what purpose, who has access to it, how they call back their acceptance etc.
  • YoungCRM automatically reminds you to the delete data when it’s too old
  • You can manage user access and roles, so only the right people has access the data
  • You’re always able to find all the data about a person in one place and delete it, if a candidate wants to. This also enables you to quickly show the candidate what you know (which is also a requirement)
  • We enable the candidate to call back all information
  • We are very secure, and apply best practice on the matter
  • We have security procedures in place in case of any kind of data breach.
  • We automatically offer a data processing agreement, so we can support your account legally

Also we will work continuously give you advice on how to process data correctly.

Do you have any questions, then feel free to reach out.

“So if you are still managing your application through an e-mail account you’ll have a problem.”

Do you want to read more about this topic? Then these links might be helpful:

  • http://www.eugdpr.org/
  • http://www.osborneclarke.com/insights/the-eu-general-data-protection-regulation-how-does-it-apply-to-the-recruitment-sector-and-what-do-you-need-to-do-to-prepare/
Author

Kevin Rebsdorf

Kevin is the CEO of YoungCRM A/S. He co-founded YoungCRM in 2017, with Daniel Birkholm. Kevin & Daniel has a long history within talent recruitment, as they also own CompanYoung A/S which is a large recruitment marketing agency in Denmark. Kevin is closely involved with both our customers and product development.