New GDPR legislation is coming in May 2018 and will affect all digital data businesses (you’re a digital data business by the way, whether you realise it or not!). The change extends the current Data Protection Act, 1988 in the UK and is unaffected by the decision to leave the European Union.
The change has been signposted for some time but it’s only now that many organisations are waking up to the implications. Reverse Delta has been working hard on product changes to support client’s obligations under the law and has started discussions on rolling those changes out to the client base.
It’s important to note that Reverse Delta and our software is part of the solution for our client companies — it’s not the entire solution. Your business will have data protection concerns beyond your use of FXRecruiter …just thought it worth pointing out! This advice relates to Reverse Delta’s recruitment clients but much of the information is also relevant to anyone with a website holding personal data.
Do you want an electronic copy of your data? This generates a request to your site administrator by email for an electronic copy of the candidate data. It is your responsibility to supply that data.
» MOREWe don’t anticipate heavy use for this feature but it must be available.
Tip: this one’s a manual process. The request creates an email request to the site admin email address. You need to supply the candidate with a copy of their candidate record from FXRecruiter AND any other information held electronically elsewhere in your organisation (we can’t help with this part!).
Delete my data
Candidates must have the ability to delete their account completely – the ‘right to be forgotten’. All websites must have this ability. You also need to be able to do this on their behalf. The candidate dashboard has a Delete Account function. The Delete action is not reversible.
Tip: this is a one-time only function. Deleting the account is not reversible – it can’t be reversible under the terms of the legislation.
Candidates must have the ability to unsubscribe from email alerts easily. We make this as simple as possible by adding a one-click unsubscribe to the bottom of every email alert sent.
The unsubscribe takes candidates to a personalised web page showing their current subscriptions to confirm their removal. Because the page is personalised, candidates don’t need to login with their email address and password.
Tip: remove all or fine tune from the same place. Candidates can also fine tune their preferences if they don’t want to be completely removed, eg stop alerts for ‘Digital Marketing, London’ but keep the subscription for ‘Marketing, Manchester’
Lazy email alerts
Candidates can add their email addresses to be notified of job alerts without going through the full registration process. You will need the ability for these candidates to be deleted from your system.
Tip: people are lazy and need things quickly. We give them a link in their email alert to unsubscribe and totally erase their email record from your site’s database.
Registration form CMS element
We provide a CMS element that is shown as a preface to the ‘Registration’ or ‘Upload Your CV’ form. You can customise the text to reassure candidates that you are safe custodians of their data and correctly respect their privacy under GDPR legislation.
This is a simple option and we give you a ‘get you started’ boilerplate text, covering the basics. If you want to customise the language to your brand, that’s fine — it’s all in the Admin system for you to get the message just so.
Tip: keep the message simple. Keep it compliant but friendly, so candidates aren’t intimidated by the small print.
Related to the above. Your site has extra tickboxes, for example a sign-up to newsletter or blog updates option. These are also covered by GDPR and candidates should be able to manage each type of subscription separately.
Tip: let candidates and contacts fine tune their own preferences. They may have found a job now but want to stay in touch with you. The more people read your updates the better positioned you’re organisation is. If they share, even better.
This advice covers only the information held in FXRecruiter. You must also consider anywhere else candidate data is held within your organisation and have processes for managing it. This includes data exported from FXRecruiter and now held elsewhere. For example, candidate data exported to Excel from FXRecruiter. We don’t control that data, but you are still responsible for its management.
We can work with clients to customise the end user experience and admin to be exactly how they’d like it. Contact your account manager or support.
Resources from our FXRecruiter site