GDPR is here.

If you do business in the European Union, you’ve surely heard of the General Data Protection Regulation (GDPR) by now. And if you have not heard about GDPR, It is the most significant piece data protection legislation to ever come into force.

The goal of GDPR is to strengthen and modernize data protection law and enhance individual rights for data management for any citizen of the EU—regardless of where they live.

Here at Haley Marketing, we initially thought we would not be impacted by GDPR since most of our clients are in North America. However, as we learned, staffing and recruiting companies based anywhere in the world who recruit European citizens or recruit talent on behalf of European companies must abide by the GDPR.

Even if your company is not mandated to comply with the GDPR, it offers a level of data control and privacy protection that is a benefit to all companies, and for this reason, we made the decision to embrace the spirit of the GDPR and update our software systems to ensure compliance.

In this post, you’ll find an outline reviewing what we’ve done to prepare for the GDPR and help you build more trust with your clients and candidates.

Does the GDPR Apply to you?

If your company recruits candidates from the EU or places talent with hiring companies in the EU, then the GDPR applies to you. You should consult with a GDPR specialist regarding the full scope of your compliance obligations.

What has Haley Marketing done to prepare?

  • A Data Protection Officer has been appointed
    We have reviewed all the personal data we process and confirmed our lawful basis for processing.
  • New Privacy Policy
    We’ve updated our privacy policy to incorporate specific language related to data protection requirements under the GDPR. If your company is subject to the GDPR, you will also need to update your own privacy policy. We strongly recommend you consult legal counsel to obtain advice specifically applicable to your business.
  • New “Privacy Protection” Settings
    One of the main GDPR requirements is to get user consent when collecting personal data and subscribing individuals to any form of marketing or data sharing. To simplify this process for you, we’ve added a new “Compliance” section in the Admin Settings area in myHaley. This enables you to assign a Data Protection Officer, link to your privacy policy, and control cookie policies on your Haley Marketing products and hosted website.
  • Updated User Controls
    In each of our products, we have reviewed and updated all user options to provide control for the user to update their data, manage permissions, download their data, and delete their data.

What you can do as a Staffing or Recruiting Company

Compliance with the GDPR requires a partnership between your company and all the vendors you partner with to process data about your clients and candidates.

As a staffing or recruiting company, you will typically act as the data controller for any personal data you collect. The data controller determines the purposes and means of processing personal data, while the data processor processes data on behalf of the data controller. At Haley Marketing, we are a data processor and process personal data on behalf of you, which means that we store the data of your users on our systems.

You should also seek advice from a GDPR specialist relating to your status and obligations under the GDPR, as only a qualified specialist can provide advice specifically tailored to your situation.

Please note, we cannot offer legal advice.

Please do not take this blog post as legal advice, and if you are subject to GDPR, we recommend you consult a specialist to obtain legal advice applicable to your business circumstances.

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.