GDPR Compliance Features

The General Data Protection Regulation (GDPR) is a primary EU law on data protection and privacy for all individuals within the European Union. It aims primarily to give citizens and residents back control over their data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

Terms in GDPR

The following are the key terms used in GDPR.

1. Data subjects

It would mean the candidate's information in general. "Personal data" would be any information that can be used to identify the data subject. This includes the candidate's resume, name, email, contact number, address, etc.

2. Controllers

It decides the purpose of processing personal data, such as for which job personal data will be used and the means to do that. Controllers could be direct employers or staffing agencies.

3. Processors

It would be recruiting software, ATS or any legal entity that possesses personal data on behalf of the controller.

4. Processing

It would mean any activity executed on personal data, such as storing, updating, or deleting information.

iSmartRecruit is a completely GDPR Complaint. To activate the GDPR, navigate to the "Admin" module from the menu on the left-hand side and select the "Other" tab, where you will find the GDPR option.

Navigation Link: https://app.ismartrecruit.com/admin

Once you enable this option, the system will take care of necessary information and actions that are necessary for GDPR Compliance like candidate consent, candidate rights, etc.

Navigation Link: https://app.ismartrecruit.com/gdpr

When you enable the GDPR setting, you can set the ‘Default Consent Period’ as per your policy.

Note: The values for the default consent period can be customized. Click on the + icon beside the Consent Period field.

GDPR Consent Expiry Notification

Administrators can enable the setting in the Admin section, which helps the recruiter receive notifications about consent expiry. You can also select team members to receive these notifications.

Applicant - Terms & Conditions

The recruitment agency or direct employer can frame the terms & conditions and configure them in the system configuration. Any applicant submitting the profile must accept the terms and conditions before submitting their application for a vacancy.

We advise you to include all necessary clauses in terms & conditions to safeguard your interest concerning GDPR.

You can also include terms about the applicant's consent to use his/her data for the necessary purpose and the duration of the consent.

An applicant will see the terms & conditions as shown below.

View the GDPR Consent Status for each Candidate

The System will display the candidate's consent status in the Candidate Search screen. The status could have one of the following values. You can see different-coloured GDPR status icons for different statuses.

Candidates with Consent: Green icon

Note: You can click on the icon to view the exact dates of GDPR Consent

Without Consent: Grey icon

Consent Expired: Red icon

Candidate Consent History

If you want to see consent history, just click on the GDPR icon.

Send an Email for a consent request

The system allows you to send emails to candidates to obtain their consent. You can send individual emails to candidates requesting their GDPR consent.

The candidate will receive an email with a link. By accessing this link, candidates can update their consent for GDPR.

Candidates' submitted responses will be updated in the system, and the user can see the current status of the request in the candidate profile.

Users can also search for Candidates based on their GDPR Consent Status in the Candidates Module. For more information, please refer to the article below, Advanced Search, on GDPR Search.

https://help.ismartrecruit.com/candidate-search/advance-search