GDPR Commitment Statement
The EU General Data Protection Regulation (GDPR) is the most significant piece of European privacy legislation in the last twenty years. It replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data, and creating a uniform data protection law across Europe.
GDPR is a globally relevant regulation applicable to any organization that has EU area customers or even stores EU citizens’ data. GDPR has taken effect from May 25, 2018.
Designed with Data Privacy
Wisestep is designed with GDPR standards as a Data Processor. With Data privacy first approach and our product features are rolled out with privacy first principles.
Managing Data Privacy in your Processes
Wisestep provides unmatched flexibility in allowing its customers to design data privacy into their recruitment process flows and allow granular control of data.
The GDPR regulation puts more power in the hands of the Data Controllers by creating a regulatory imperative of Data portability. We provide for portability and work with our customers to ensure that their Data Portability needs are met.
While we expect you to rely on us to help you manage your Data privacy needs when you manage your recruitment processes with us, we suggest that you also review the following in your organization
Understand GDPR better
Familiarise yourself with the regulation and identify how it may affect your relationship with your customer, employees and other stakeholders. Get clarity on what role (“Data Controller” or “Data Processor”) you play in your interactions
Lawful basis of processing Data
The GDPR regulation clearly specifies the different lawful basis of data processing. Review your business processes and the interaction with your stakeholders to decide which of these basis applies to you.
Audit Your Data
- Create process maps and the data captured at different steps
- Review who has access to this data and for what purpose.
- Document your business processes
- Create an Information Assets Register
As part of your audit you may create a register of all the information you capture as part of your business process. Use these to capture an information assets register to easily understand and review any changes or updates to the way data flows in your organisation.
Keep yourself updated on various developments on GDPR and the way it’s being implemented and interpreted by different countries and companies.
Data Protection Team
For any issues or questions please write to our Data privacy team on email@example.com