Top

Privacy Notice Setup (GDPR)

Follow

A link to your Privacy Notice should be shared with every candidate in your Workable account.

With Workable Pro you can create a Privacy Notice from our legally approved template or use a link to your own, pre-written Notice. However you choose to work, your Privacy Notice can be seamlessly shared with the sourced and applied candidates in your account.

If you don’t have a Workable Pro subscription you’ll need to create and host your own Privacy Notice. Ideally, your Privacy Notice will be related to recruitment only, instead of a more general company privacy policy. This will further increase transparency, enabling the candidate to quickly see relevant information which could be missed in a longer, more general policy.

The Privacy Notice should include details of:

  • How long your organization intends to store the candidate data. If it’s not possible to provide an exact length of time, then explain the criteria used to determine that period
  • How candidates can withdraw their consent to the processing of their personal data
  • How candidates can request corrections or access to their data, or ask for it to be deleted from your system
  • Who candidates should contact should they want to lodge a complaint regarding the processing of their personal data

Sourced Candidates

We suggest that you create and document your process for data protection within your organization. As part of your process you can use Workable to create an email template that can be used to contact sourced or passive candidates with a consistent approach.

When sharing this information you should:

  • Provide the name and contact details of your organization
  • Explain where you sourced their data
  • Provide a link to your Privacy Notice for recruitment, outlining the requirements set out in GDPR Article 14

Applied Candidates

For candidates who apply through job boards or your careers page, we suggest including a short paragraph at the end of every job description created via Workable. This should be written in clear language, and:

Provide the name and contact details of your organization

Be clear that any data requested will be used for recruitment purposes only (should you intend to use candidate data for other purposes, you will need to inform the candidates of the details).

Include a link to your Privacy Notice for recruitment, outlining the requirements set out in Article 13. Do not embed the link in text (e.g. "click here"). Job boards will remove embedded links. Instead, copy and paste the full link directly into the post (e.g. "www.workable.com")

Setting up a Privacy Notice template or custom link label-pro.png

To comply with the rules of the GDPR, you must send candidates a link to your Privacy Notice. If your account is a Workable Pro plan, you’ll be able to generate a Privacy Notice as the first step in activating the GDPR compliance settings.

Click your user icon in the upper right of Workable, select Compliance and enable the GDPR features switch to set up the Privacy Notice.

privacy_notice_template.png

Fill in the template with your organization’s information. We’ll use it to generate a pre-written Privacy Notice. You can preview this notice to ensure it meets the standards of your own organization. The pre-written details in the Privacy Notice have been vetted by legal professionals for GDPR compliance. Your company's logo will appear at the top of the notice:

privacy_notice.png

The sample data we’ve included in this example is not comprehensive and may not be in line with the guidelines your organization chooses to set. When completing the template you may want to speak with your executive or legal team to ensure that you have addressed everything that candidates should be informed of and that your data retention timeframe makes sense for your organization.

If you prefer to use a fully custom Privacy Notice, click the link to the upper right of the form, "I want to use our existing Privacy Notice".

custom_privacy_notice.png

Simply include a link to your own Privacy Notice in the form that appears.

Note: The custom Privacy Notice should specifically address the way you will use candidate data. Simply linking to a generic or overall Privacy Notice or Policy that your company has may not be sufficient. Consult with your legal or executive team before implementing this option. We recommend using the template option due to ease of setup.

A link to the Privacy Notice will appear in application confirmation emails automatically. It can also appear on application forms and in emails to sourced candidates.

application_confirmation_privacy_notice.png

Click Save Changes and the bottom of the section once you’ve set up the Privacy Notice.

Updating your Privacy Notice

You can update the details of your Privacy Notice template or change the custom link at a future date if necessary.

When a change is made to the template it will be reflected for all candidates who access your Privacy Notice. Candidates who initially received an older version of the template will be directed to your updated version.

privacy_notice_updated.png

Note: If you opt to use a custom Privacy Notice and the link to find this online changes at any time, remember to revisit this section in Workable and update the link. It is important that applicants and candidates have access to a working link to your Privacy Notice to remain compliant, but keep in mind that candidates who received your original custom link will not receive the new link automatically.