The GDPR came into effect on the 25th of May 2018. What does this mean for you as a candidate? In essence this is an EU directive designed to give individuals greater control of where and how their personal data is processed. The GDPR strengthens an individual’s rights and imposes new obligations on organisations who hold your personal data to comply with regulations on how they store your data, how long they store your data for and your ability to access, update or delete your personal data held on company systems.
We in @Recruit IT are very conscious of our obligations under the GDPR. We have updated our Privacy Policy which can be viewed here https://atrecruitit.com/pages/privacy-policy/ and we have nominated one of our directors as our Data Protection Officer with responsibility for ensuring compliance with the GDPR.
Consent
One of the key changes brought in by the GDPR is the concept of consent, you must consent for your data to be held by any third party. At the moment your inbox s probably full of automated emails from services you have forgotten you signed up to outlining how they are dealing with implementing the GDPR and looking for your consent to continue to hold onto your data.
If @Recruit IT are in possession of your CV, you have either sent it on us directly by email or via an online application or by posting your CV on a Job Board. Your CV contains key personal data which may include your name, email address and phone number. By providing your CV and these details to us, you give us consent, so that we can match you and your skills with suitable job opportunities and so that you may avail of our placement services.
How do we process your CV?
@Recruit IT’s process when we receive your CV is as follows
We acknowledge receipt of your CV and inform you that in applying for a role we intend to store your CV for a period of at least 12 months
We upload your CV onto our Applicant Tracking System (ATS) so it can be viewed by everyone in @Recruit IT. This is a secure cloud base platform. Our ATS supplier has confirmed their compliance with the GDPR in writing with respect to the storage and processing of your personal data.
We will use your data to submit your CV to clients for existing vacancies, with your explicit permission; to communicate with you about relevant job opportunities and provide career guidance and support and lastly where we have a bona fide requirement by law to disclose it to third parties in relation to current employment legislation or government body
Should we not be successful in placing you we will contact you periodically in the future to confirm that we have your permission to retain your details on @Recruit IT’s Applicant Tracking System (ATS)
At all times you have the right to request to update, modify or view the data we hold on our ATS and crucially you also have the right to request the deletion of your record. This can be done by emailing us with the appropriate subject title UPDATE, MODIFY, VIEW or DELETE to hello@atrecruitit.com at any time. (We reserve the right to request proof of ID before actioning any request)
We will only use your CV data for the purpose for which it was provided to us, i.e. for the provision of placement services. Your CV will only be shared with prospective employers and strictly where we have your express consent. @Recruit IT does not share your personal data with any third party and will never sell your data to any third party.
Security of Your Data
Our infrastructure is all based in the Microsoft Cloud, using tools like Microsoft Office 365 and One Drive for collaboration, leveraging the security of Microsoft’s market leading online collaboration toolset. @Recruit IT are confident that all electronic CV data is hosted on third party servers with providers who are within the EU, are GDPR compliant and have sufficiently secure physical and technological processes in place.
Data Breach
In the unlikely event of a Data Breach we will inform the Data Protection Commissioner as soon as we are aware a breach has occurred. We will then contract every potential person whose data may potentially have been compromised.
Accessing your Data
The GDPR allows for what is called a Subject Access Request. What this means in essence is that you are entitled to view any notes or comments stored on our Applicant Tracking System (ATS) in relation to you. We undertake to provide the data in a suitable format, we will require proof of identity before we supply you with your data.
Deleting Your Data
You are entitled to request that your record be deleted at any time. As stated above, the mechanism for doing this is either directly with your contact in @Recruit IT or by sending an email to [email protected] with the title DELETE. Again, we will contact you and request proof of identity before carrying out this request.
Contact us
You can also physically write to us to request an Access Request or Deletion by post to
@Recruit IT,
19B Old Street,
Malahide,
Co Dublin K36 AE95
As per all other instances we will contact you requesting verification of identify before proceeding with the request.