How will GDPR affect Jobseekers
The new GDPR (General Data Protection Regulation) legislation comes in to effect 25th May 2018. It will replace the Data Protection Directive. GDPR has been agreed by the European Commission to improve the handling and storage of personal data and putting the person whose data it is, in greater control of how it is used.
GDPR is bringing in greater rights to the owner of the data, to include:
• The companies holding your data have to state why they’re holding your data and why they need to process it
• You have the right to request a Subject Access Request
• You have the right to request any personal data be rectified due to it being incorrect or incomplete
• You have the right to request that any company erase your personal data
• You have the right to request that any company restrict the processing of your data
• You have the right to request that your personal data be transferred to another provider
• You have the right to object to the company processing your personal data
• GDPR stipulates that any of your requests must be processed within one month of receipt
• You have the right not to be subject to a decision based solely on automated processing, such as profiling
Failure to comply with the new GDPR legislation will include much tougher penalties than the Data Protection Directive, which it is replacing. Companies, recruiters and online job boards will all be required to make changes to their data protection policies, how they sign up candidates and the overall recruitment process to avoid receiving penalties.
Putting the Jobseeker in Control
Given how technology has progressed over recent times, the data protection legislation was well overdue an update. For example, it is estimated that more data was created in the last 2 years than the previous 5,000. This, in turn, has seen the process of storing and processing data a much more complicated task, this vulnerability has seen cybercrime become a much bigger problem for not only businesses but the individual.
GDPR’s aim is to put the job seeker in more control of their data and how it is processed, it has also been brought in to put the job seeker in control of what marketing material they receive and in what format. It will see the end of soft opt-in consent across the board. From May 25th 2018 for the company to gain your consent to send you any marketing material, you will have to actively tick the opt-in tick box to formally give your consent.
Companies will now need to keep a full audit trail for every jobseeker they hold data on. They will need to keep a record of how and when the jobseeker gave their consent for the storing and processing of their data when they originally register. They will also need the jobseekers consent to send their CV to a client, again they will need to keep a full audit trail of this.
The full implications of GDPR will become clearer after its implementation. If you have concerns over your personal data being held by a company, you should contact this company directly to discuss what they hold on you. If following that conversation you still have concerns, you can get in touch with the Information Commissioner’s Office.
Recruit Mint is committed to protecting your data and ensuring we only process the information you are happy for us to process. If you’re looking for work still and want to use an agency you feel safe using, then register today