The General Data Protection Regulation (GDPR) is major EU law on data protection and privacy for all individuals within the European Union. The GDPR aims primarily to give control back to citizens and residents over their data and to simplify the regulatory environment for international business by unifying the regulation within the EU.
Terms in GDPR
The following are the key terms used in GDPR.
1. Data subjects
It would mean candidate information in general. “personal data” would be any information that can be used to identify the data subject. This includes the candidate's resume, name, email, contact number, address etc.
It decides the purpose of processing personal data like for which job personal data will be used and the means to do that. Controllers could be direct employers or staffing agencies.
It would be recruiting software, ATS, or any legal entity that processes personal data on behalf of the controller.
It would mean any activity executed on personal data, such as storing information, updating information, delete information.
iSmartRecruit is completely GDPR Compliant. Turn on the GDPR functionality in the system in the ‘Admin’ section from the left-hand side menu option and click on the 'Other' Tab.
Navigation Link: https://app.ismartrecruit.com/admin
Once you enable this option, the system will take care of necessary information and actions which are necessary for GDPR Compliance like candidate consent, candidate rights, etc.
Navigation Link: https://app.ismartrecruit.com/gdpr
When you enable the GDPR setting, you can set the ‘Default Consent Period’ as per your policy.
*Note: Default Consent Period, the values can be customizable. Click on the + icon beside the Consent Period field.
GDPR Consent Expiry Notification
Administrators can enable the setting in the Admin section, which helps the recruiter to get the notification about consent expiry. You can also select users from the team who would receive these notifications.
Applicant - Terms & Conditions
The recruitment agency or direct employer can frame the terms & conditions and configure that in the system configuration. Whenever any applicant submits the profile, the applicant has to accept the terms and conditions before submitting their application for a vacancy.
We advise you to include all necessary clauses in terms & conditions to safeguard your interest concerning GDPR.
You can also include terms about consent from the applicant to use his/her data for the necessary purpose and consent duration.
An applicant will see the terms & conditions as shown below.
The System will display the consent status of the candidate in the Candidate Search screen. The status could have one of the following values. You can see different coloured GDPR status icons concerning different statuses.
Candidates with Consent: Green icon
*Note: You can click on the icon to view the exact dates of GDPR Consent
Without Consent: Grey icon
Consent Expired: Red icon
Candidate Consent History
If you want to see consent history just click on the GDPR icon and it will show the history of consent.
The system allows you to send emails to candidates for getting consent from them. You can send individual emails to a candidate requesting their GDPR consent.
The candidate will get a link through email. By accessing this link, candidates can update their consent for GDPR.
The submitted response of candidates will get updated in the system and the user can see the current status of the request in the candidate profile.
Users can also search for Candidates based don't their GDPR Consent Status in the Candidates Module. Please refer to the topic of GDPR Search in the below article of Advanced Search for more information on this.
To have summarised information on the total count of candidates for each candidate's GDPR compliance, you can add a widget on your Dashboard.
Navigation Link: https://app.ismartrecruit.com/dashboard
This is the best report to track the status of the GDPR consent request for a particular duration.
Navigation Link: https://app.ismartrecruit.com/gdprReport
Choose report parameters like Duration, Job title, and GDPR status to generate the report.