Crelate’s Commitment to the GDPR

Recruiting software to help data controllers comply with the GDPR.

Crelate and GDPR

Our mission is to empower and enable the process of connecting talent with opportunities the world over.  We believe that relationships and trust is paramount to the success of this mission. 

The European Union (EU) General Data Protection Regulations (GDPR) is a comprehensive set of new privacy laws that come into effect on May 25, 2018. The GDPR mandates how companies collect, store and process the personal data of EU citizens. The law applies to any company that processes the personal data of EU citizens, regardless of the physical location of the company or whether it has any actual customers in the EU.

.

Our Commitment

Crelate is committed to complying with the requirements of a Data Processor under the GDPR.  We will complete a review of our vendors, contracts, policies and products to ensure that we are fully in compliance with GDPR by the May 25, 2018 deadline. We are also committed to providing our customers with tools and features that they can use to help achieve their own compliance as Data Controllers.

Helping our customers comply with the GDPR

Crelate already provides many features that customers can use to help them comply with the GDPR. Our existing customizable application forms, portal disclaimer, email templates, delete and reporting capabilities already support these efforts. However, we plan to provide the following additional features to help make complying with the regulations even easier:

Candidate Portal: We will expand our custom form capabilities to improve the consent gathering process. We will also make it easier to include links to your Recruitment Privacy Policy and customizable consent disclaimers of your choice.

Request Tracking: We will provide new capabilities to help you gather and manage requests from candidates (Data Subjects) to withdraw consent, make corrections, delete and provide data. This should make it easier to comply with the “Right to be forgotten” provisions of the GDPR.

Consent and Contacted Tracking: We will provide new visualizers and reports to make it easier to see who has provided consent and who has been contacted within a specific period of time.

Delete Changes: Crelate already makes it easy to delete data in bulk. We will look to enhance our delete feature to allow the deletion of personal data, while maintaining the accuracy of your reports such as time in stage.

Email Templates: We will review and enable the sending of templated emails throughout the product to better help you send necessary templates at the necessary time.

 

IMPORTANT NOTE: The above list is subject to change with or without notice. The features and capabilities Crelate provides to help customers be compliant will change over time as best practices and market feedback dictate. Crelate does not claim to ensure our customer’s compliance with the GDRP. It is up to each customer to determine if the tools and capabilities we provide will meet their specific compliance requirements.

Disclaimer: This article and the information herein is provided “as is” without any warranty expressed or implied.  This article does NOT constitute legal advice. Crelate makes no claims that the information in this article is either complete or accurate. Crelate does not provide legal advice, and customers should consult with a their legal professional to determine their responsibilities under the GDPR.

Frequently
Asked
Questions

What is a Data Subject?

A “data subject” is an identified or identifiable natural person.

What is a Data Collector?

A data “controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

What is a Data Subject?

A “data subject” is an identified or identifiable natural person.

What is a Data Processor?

A data “processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Am I a Data Controller or a Data Processor?

As an employer or agency that collects candidate information, you are a Data Controller. Crelate is a Data Processor, as we provide software that processes the data you collect on behalf of our customers. The Data Controller determines that purpose and method of processing persona data, while the Data Processor processes that data on behalf of the Data Controller.

What are my responsibilities as a Data Controller?

You should refer to your own legal professional for the specific GDPR requirements that will apply to you organization.

What data is protected under the GDPR?

As an employer or agency that collects candidate information, you are a Data Controller. Crelate is a Data Processor, as we provide software that processes the data you collect on behalf of our customers. The Data Controller determines that purpose and method of processing persona data, while the Data Processor processes that data on behalf of the Data Controller.

When does the GDPR go into effect?

The European Union (EU) GDRP goes into effect throughout the EU Member States on May 25, 2018. The United Kingdom is also committed to staying compliant with the GDPR.

Does Crelate participate in Privacy Shield?

At this time, we are reviewing the process of joining and complying with the United States Privacy Shield Framework.

Additional GDPR Resources

GDPR Portal

www.eugdpr.org

GDPR on Wikipedia

en.wikipedia.org

GDPR News

www.google.com