RecruiterWEB has worked directly with the ICO and other recognised GDPR experts for the recruitment space to validate our approach to GDPR. We are pleased to say we passed with flying colours, but we are ready for further change as the law evolves.
RecruiterWEB acts as a Data Processor for its clients and have prepared our websites to accommodate your needs to process inline with the needs of GDPR. Our systems have taken a ‘Privacy by Design’ approach, so minimum data is taken through the RecruiterWEB products to meet all parties needs, the data is then kept on our platform for the minimum period of time needed to complete functions like applying for jobs, setting job alerts, entering time sheets etc.
All data is sent by secure methods with recognised encryption standards to our clients. Once receipt of the data has been received by your chosen end system (your ATS, job posting partner etc) the data is then securely deleted from our systems. Furthermore the data is processed at a code level with no human intervention/access by RecruiterWEB staff during general site operation.
If you are looking to process Consent via your website then there are features we can provide, however we also work with a 3rd Party software vendor who specialises in Consent within the recruitment space. The value of a 3rd Party system for Consent is you meet the requirements of the ICO/GDPR to keep your Consent process separate from any other process.
If you favour the Legitimate Interest path then our websites are set up in default mode to process personal data inline with Legitimate Interest principals.
GDPR & Your Candidates, Clients & Suppliers
We have tools and features that permit your clients, candidates and suppliers to deal with SARS, request to be forgotten etc.
RecruiterWEB have partnered with a team of GDPR experts who have recruitment sector knowledge, along with our knowledge and naturally your own, that will make for a team who can ensure you are compliant while still being able to trade and then flourish under GDPR.
Employees & Supply Chain
RecruiterWEB employees have been trained in the relevant aspects of GDRP, data privacy etc and we seeking a qualification under Cyber Essentials in 2018.
The servers we operate are based in Germany and the supplier has been vetted for GDPR compliance, in Germany the DPO has to be qualified and the vendor we have partnered with for the past 9 years has been through staff training for GDPR and their DPO is qualified.
We are insured with Hiscox a respected name in the business insurance market and as more protections come to market in terms of insurance that relate to GDPR exposure then we will take on the relevant cover. For now we have Professional indemnity insurance, Public liability insurance, Employers’ liability insurance and Cyber and data risks insurance.