Organisations that collect personal data from EU residents must become compliant with the General Data Protection Regulation (GDPR). The GDPR is a new law that aims to strengthen people’s rights to privacy and protect their personal data. It comes into full effect across all European member states on 25 May 2018
You can maintain GDPR compliance with the features built in to your Workable account. While Workable makes these features available and is itself GDPR compliant, it is your organisation’s responsibility to comply with GDPR requirements from the perspective of a ‘Data controller’.
You must be a Super Admin in Workable in order to set up or modify GDPR compliance options.
Note: While Workable has consulted with legal professionals in the creation of any guidance we provide, Workable is not a law firm. All information in these guides is general information only. It is not intended to constitute legal advice or seek to be the complete and comprehensive statement of the law, nor is it intended to address your specific requirements. Organisations should take independent legal advice regarding their own provisions for data protection.
The GDPR settings apply to jobs based in the EU, Norway and Iceland, where residents are protected under the laws of the General Data Protection regulation (GDPR), as well as to jobs based in Switzerland and Liechtenstein.
Jobs in other locations will not be affected.
To ensure that you have a plan in place by the 25th May deadline, start by reviewing the material below:
- GDPR and candidates’ right to erasure
- Candidates must have the option to delete their own data. Learn how to enable that option
- GDPR and the Privacy Notice
- You’ll need to inform applicants and sourced candidates of how you intend to process and store their data
- GDPR and data retention
- Find out how to activate settings to delete candidate data automatically, based on your own pre-set time frame
- GDPR and candidate consent
- If candidates have actively applied for a role, consent to process their data is implied through GDPR’s legitimate interest caveat. But, if you want to seek active consent, find out how to include a checkbox on your application forms
- Download or print a resume/profile
- Find out how to export the information in a candidate profile if the candidate requests right of access
Check out our resources pages for more help with GDPR:
- Workable’s approach to GDPR
- Tips for using Workable to maintain compliance
- Recruiters Guide to GDPR Compliance
- An overview of recruiting processes you’ll need to put in place for compliance