Crelate and GDPR
Our mission is to empower and enable the process of connecting talent with opportunities all over the world. We believe that relationships and trust are paramount to the success of this mission.
The European Union (EU) General Data Protection Regulations (GDPR) is a comprehensive set of new privacy laws that come into effect on May 25, 2018. The GDPR mandates how companies collect, store and process the personal data of EU citizens. The law applies to any company that processes the personal data of EU citizens, regardless of the physical location of the company or whether it has any actual customers in the EU.
Our Commitment
Crelate is committed to complying with the requirements of a Data Processor under the GDPR. We are committed to providing our customers with tools and features that they can use to help achieve their own compliance as Data Controllers.
Helping our customers comply with the GDPR
Candidate Portal: We will expand our custom form capabilities to improve the consent gathering process. We will also make it easier to include links to your Recruitment Privacy Policy and customizable consent disclaimers of your choice.
Request Tracking: We will provide new capabilities to help you gather and manage requests from candidates (Data Subjects) to withdraw consent, make corrections, delete and provide data. This should make it easier to comply with the “Right to be forgotten” provisions of the GDPR.
Consent and Contacted Tracking: We will provide new visualizers and reports to make it easier to see who has provided consent and who has been contacted within a specific period of time.
Delete Changes:
Email Templates: We will review and enable the sending of templated emails throughout the product to better help you send necessary templates at the necessary time.
IMPORTANT NOTE: The above list is subject to change with or without notice. The features and capabilities
Asked
Questions
What is a Data Subject?
A “data subject” is an identified or identifiable natural person.
What is a Data Collector?
A data “controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
What is a Data Subject?
A “data subject” is an identified or identifiable natural person.
What is a Data Processor?
A data “processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Am I a Data Controller or a Data Processor?
As an employer or agency that collects candidate information, you are a Data Controller. Crelate is a Data Processor, as we provide software that processes the data you collect on behalf of our customers. The Data Controller determines that purpose and method of processing
What are my responsibilities as a Data Controller?
You should refer to your own legal professional for the specific GDPR requirements that will apply to you organization.
What data is protected under the GDPR?
As an employer or agency that collects candidate information, you are a Data Controller. Crelate is a Data Processor, as we provide software that processes the data you collect on behalf of our customers. The Data Controller determines that purpose and method of processing
When does the GDPR go into effect?
The European Union (EU) GDRP goes into effect throughout the EU Member States on May 25, 2018. The United Kingdom is also committed to staying compliant with the GDPR.
Is data stored outside of the EU GDPR compliant?
GDPR requires that data must be hosted in a country with a GDPR compatible framework that the EU recognizes as having “adequate” data protection laws. “The European Commission has so far recognized Andorra, Argentina, Canada (commercial
Does Crelate participate in Privacy Shield?
Yes, Crelate has enrolled, developed compliant policies, paid the necessary fees and self-certified as committed to the US Privacy Shield Framework. Click here to view our Privacy Shield status.