What’s GDPR all about?
You may already have heard about the General Data Protection Regulation (GDPR) arriving in 25 May 2018. This is a new regulatory framework governing anyone holding data about third parties — you, us, Tesco Clubcard, Amazon, Oxfam, everyone. This new legislation will remain unaffected by the UK leaving the EU. The new regulations build on the existing Data Protection Act, in force for the last 20 years. Evolution, not revolution.
Anything new is bound to cause uncertainty and fear, but the change has been signalled well in advance and the process of achieving compliance is well understood. We’re here to help you with the parts of the business related to Reverse Delta.
It affects your business beyond the website and your partnership with Reverse Delta as a data processor1, so you still need to take advice on a wider review of the business, perhaps taking legal advice where needed. GDPR is also an opportunity to be a good citizen as well as being driven by the legislation. Recruiters are in a marketing business and have a responsibility to behave well, both within the legislation and the wider ethical framework.
Candidates, clients and partners want reassurance that you are careful custodians of their data (data controllers2)…and also respect their right to be forgotten3 when the time comes. This reassurance makes you better people to do business with.
That said, compliance is a joint responsibility, shared between candidate, recruiter and website provider. All have a part to play and everyone should go into things with their eyes open (it makes no sense for a candidate to expect you to place them unless they explicitly share personal data with you).
It’s a chain thing – your vendors have to be your partners. That’s always been our ethos here. If your vendors aren’t GDPR ready then you’re not GDPR ready. The links in your chain will be different to those in our chain, but Reverse Delta will work with you to update your website for compliance.
The GDPR puts candidates at the heart of your business, making sure that their right to privacy is protected. Which is as it should be.
Prepared, not panicked
For those of us old enough to remember, it’s a lot like Y2K all over again – a terrifying prospect to some, but in the end the world kept on turning. Process was followed, changes made. We all got there by partnering with the right people.
What’s next for Reverse Delta customers?
What if you’re thinking of using Reverse Delta for a new website?
We’ve got it covered. Our latest stable core FXRecruiter software will be rolled out with a number of changes to allow you to fully meet the requirements of the GDPR framework.
- We’re here to help
- It’s a process to be followed and a shift in the way you do business
- It has to be done
- The clock is ticking, but you do have time
- Government has confirmed this will not be affected by the UK’s decision to leave the EU. Brexit makes no difference.
- GDPR will apply in the UK 25 May 2018.
- Government guidance:
- From the recruitment industry:
data processor1 — in relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller, eg a website provider.
data controller2 — means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be processed, eg a recruiter.
right to be forgotten3 — individuals have a right to have personal data erased and to prevent processing