How to make your account GDPR compliant?
Last Updated: February 03, 2019
If you are a European entity or store data of any European citizens, you will need to be compliant with GDPR. At Recruiterflow, we are committed to helping you stay compliant with GDPR with minimal effort.
If you fall under the GDPR, please make sure you take the following steps in your Recruiterflow dashboard.
1) Put disclaimers on your careers page:
If you are using a careers page hosted by Recruiterflow, you can put the footer text in the careers page section. We believe that the law, as it is currently interpreted, does not make it mandatory for you to put a consent warning on the careers page.
You can put the disclaimer here.
2) Determine how candidate data will be handled in the future:
Legitimate interest: The legitimate interest period is the time you define to store your candidate data. With Recruiterflow, you can define your own legitimate interest expiration period. The countdown for the period starts when you disqualify a candidate, so remember to disqualify all the candidates you are no longer engaged with for the said job. You can configure your GDPR settings here.
You have three options here. This is how they work.
1) Anonymize candidate data:
At the end of the expiration period, Recruiterflow will automatically delete all the personally identifiable information. This will include information like name, email ID, phone number and location.
2) Get opt-in from the candidate (Recommended):
At the end of the expiration period, you can ask your candidates to opt in to store their data. Recruiterflow will email these candidates on your behalf, and if the candidates don't respond, it will auto delete their data at the end of a 2-week period. The clock will reset again if the candidate opts in, and the data will get deleted if the candidate opts out.
3) Auto delete candidate data:
In this case, at the end of the expiration period, Recruiterflow will automatically delete all candidate data including notes and scorecards.
That’s pretty much it. Your GDPR compliance is done.