RecruitBPM | GDPR Compliant

Do you have a GDPR Compliance Recruiting Data?


What is GDPR?

The General Data Protection Regulation (GDPR) is basically planned to progress the data protection for those in the European Union. It legalizes the systems that companies use to manage, save and/or proceed the personal data. The GDPR law covers all staffing processes including personal data from EU citizens. The majority, if not all, of the data you gather or require from the EU applicants or candidates throughout your recruiting process, comes under this regulation.

What data is protected by the GDPR?

The GDPR regulation is applicable to the functionality of proceeding of individual data, described as the information relevant to any common person or ‘Data Subject’ which can be utilized in a direct or indirect way to discover or know about the person.

Who should be concerned about the GDPR?

All the organizations running a business in the EU have legal obligations to act in accordance with the GDPR. Therefore, if you are recruiting in the EU, this is applicable to you in terms of managing the individual data of the EU citizens.

What will it cost if you don’t abide by the GDPR?

Since May 31, 2018, the GDPR demands the companies to be lawfully compliance in the data managing activities or else they can pay the penalty of €20-million or 4% of annual international revenue (whichever is greater).

Key Changes under the GDPR


Individual Rights

According to GDPR, the individuals have the right:

  • To gain access to their private data and rectify the wrong information
  • To appeal for a removal of their private data
  • To express their disapproval on modifications in their personal data
  • To move their personal data
Data Managing and Announcements

The companies will be required to:

  • Use proper security to protect the personal data
  • In case of a personal data breach, inform the administrative authorities and the affected data subjects promptly
  • Make sure that all managing process of the personal data has a proper legal source abiding the GDPR
  • Keep the records that have full information about the data processing
Transparent Policies

The companies are needed to:

  • Issue an explicit notification of the data subjects for personal data collection
  • Summarize the data processing principles and their utilization
  • Describe the data maintenance and removal policies
IT Training

The organizations will have to:

  • Educate and prepare the privacy team and other staff members on the guidelines of GDPR compliance
  • Evaluate and revise the data and privacy policies
  • Employ a Data Protection Officer if it is needed
  • Develop and implement complaisant data processing agreements with the vendors who can retrieve the personal data

Who is affected by the GDPR?


There are mainly three categories that are recognized and controlled by the GDPR and belong to the business transactions, which either have the rights or obligations to personal data under this regulation.

Data Subjects

The applicants and candidates are the Data Subjects, who provide their private data while following the job opportunities within your organization.

Data Controllers

You are the Data Collector as you decide the function, objectives, and category of the data that you gather from the applicants and candidates.

Data Processors

RecruitBPM works as your Data Processor. Our platform is here to help you in processing the data that you manage and ask us to collect as a part of your recruiting process.

GDPR requirements you must know about

It is necessary for any of the data processing ventures your company is carrying out that include personal data of the EU citizens to abide by the following major GDPR rules to be legally sanctioned. Your data processing must be:

  • Explicitly objective and legal
  • Clearly identified and designated
  • Just contain the required data
  • Up to date and precise
  • Offer only restricted authority over the data
GDPR Requirements

How RecruitBPM can help you to have GDPR compliance recruiting data?


If you are preparing for GDPR compliance, then managing your hiring process with spreadsheets will be very challenging particularly in case of storing candidate data. RecruitBPM as your applicant tracking software and selected data processor, make every effort to provide innovative recruiting solutions. We manage your applicants and candidates to such a degree that it reinforces your compliance goals and accommodate all your hiring needs.

Compliance Candidate Database

  • We offer role-based access to the users so they can access only the required information, while the rest of the data is secure
  • Let you keep a regular tracking of when and how candidate data is acquired
  • We offer a secure procedure to delete, share or make corrections in candidate data

Explicit Communication

  • To ensure the hiring teams comply with data minimization rule, we offer customizable application forms to the candidates
  • We offer email templates in order to convey policies to sourced candidates
  • For a consistent and compliance communication with individual candidates we offer bulk email options
  • Communication between the recruiters and candidates is easy to track

Disclaimer:

The information provided under the GDPR Compliance Section is solely for informational purposes; RecruitBPM does not offer any kind of legal advice or certification to the users. Companies should seek out their own legal advice regarding GDPR compliance.

For further inquiries, important information and upcoming updates, contact us at sales@recruitbpm.com