On May 25 2018, a new data protection framework for the European Union (EU), the General Data Protection Regulation (GDPR), will come into effect. This is the most significant data protection legislation introduced in Europe in the past 20 years. It is intended to harmonize data privacy laws across Europe, protect and empower the data privacy of all EU citizens, and reshape the way organizations across the region approach data privacy.
Any organization that offers goods or services to EU citizens must comply with the GDPR.
At Personify we take data security seriously. We’ve been working hard to make sure we meet our obligations under the GDPR and are transparent about how we process data.
We are Here to Support our Clients and Candidates
The GDPR clearly defines the roles that different organizations have when managing or dealing with personal data.
There are two major roles – Controllers and Processors. Controllers are organizations that deal with personal data. Personify clients are Data Controllers because they collect data, decide what will it be used for, and how will it be used. Personify plays the role of the Data Processor because Personify processes this personal data, provided by the clients and their candidates, on their behalf. In each role that we play, we are committed to the privacy of our clients and candidates, and outline our GDRR commitments and compliance below.
Data Subjects include candidates, as you are supplying data that can be used to identify you, such as your name, email, contact information, and other such personal information when you apply to one of Personify’s open positions or join one of our Talent Communities. For those candidates who are applying directly to a Personify job position, Personify plays the role of the Data Controller, since we are collecting candidate data for our own internal hiring process. For those candidates who are joining one of our Talent Communities, we play the role of both Data Controller and Data Processor, as we are collecting your candidate data for the purposes of sharing information with and contacting you about job opportunities with our Clients in subject areas and job families you have elected to join.
Data Processing Commitments
Individuals who are either employed by or applying for jobs with Personify clients have the right to ask the Personify clients to correct, amend, or delete data pertaining to those individuals. If you wish to have your Personal Information deleted from a Personify client’s database, please contact that customer directly to resolve your concern.
The Rights of Data Subjects
Our clients and their candidates can already access, correct, and modify their personal data stored on our databases or in those of our sub-processors. If you have joined a Talent Community, you can access, correct, and modify your personal data by accessing your account preferences page through the Service.
Clients and Candidates can also contact us at firstname.lastname@example.org if they would like to access, correct, or remove their personal data. As a Processor, we will forward these requests to the relevant clients and help them respond, if needed.
We have put in place robust mechanisms to delete our clients’ or candidates’ data upon request or at the end of their contract. Clients can also ask us to permanently delete their company data or candidates’ personal data stored on our databases or in those of our sub-processors at any time. If you are a candidate for a position at Personify or have joined any of our Talent Communities and would like to delete specific data, please contact us at email@example.com.