Book a Free Demo

 

 

What is GDPR and how will it affect your business?

 

The General Data Protection Regulation (GDPR) has had a significant impact on the way organisations recruit.

General Data Protection Regulation

What is GDPR?

It is designed to bring data protection legislation into line with new and previously unforeseen ways that data is now used. There are two main reasons, why the GDPR has been introduced.

1. To give people more control over how their personal data is being used.

2. To give businesses simpler and clearer guidelines to processing personal data across the EU.

When did the GDPR law come into force?

The regulation came into force on 24 May 2016, however this then became law on 25 May 2018.

Top Cloud Icon

Who is responsible?

The GDPR applies to ‘Controllers’ and ‘Processors’ of personal data.

The definitions are broadly the same as under the DPA – ie the Controller says how and why personal data is processed and the processor acts on the Controller’s behalf. If you are currently subject to the DPA, it is likely that you will also be subject to the GDPR.

If you are a Processor, the GDPR places specific legal obligations on you; for example, you are required to maintain records of personal data and processing activities.

You will have significantly more legal liability if you are responsible for a breach. These obligations for Processors are a new requirement under the GDPR. However, if you are a Controller, you are not relieved of your obligations where a Processor is involved – the GDPR places further obligations on you to ensure your contracts with Processors comply with the GDPR.

For the GDPR, as a recruitment software provider networx are the Processor, and our clients are the Controller.

However if a client uses networx recruitment services to manage vacancies, then networx are the Processor and the client and networx are the joint Controllers.

Bottom Cloud Icon


Confused about GDPR? Speak to a member of our team today

General Data Protection Regulation

What are the penalties?

Any data breach (including Cyber Attacks) must be reported within 72 hours. Failure to report a breach within the 72-hour deadline could face a penalty of up to 2% of their annual worldwide revenue, or €10 million, whichever is higher.

If an organisation does not follow the basic principles for processing data for example they fail to get consent from candidates to process their data or don’t provide candidates with the option to delete their information the fines can be even bigger. The data protection authority can issue penalties of €20 million or 4% of your global annual turnover, whichever is greater.

Recent News Keep up to date with the latest news from us here at networx recruitment.

Are new hires getting what they need from onboarding?

When a new employee joins your company it’s important to get the onboarding process just right, however, the latest research has found that there is a significant gap between what... read more...

Top health and social care recruitment trends

It’s no secret that health and social care recruitment is a turbulent market. According to a recent NHS Improvement report more than 100,000 NHS job posts are unfilled . This... read more...
Companies already working with networx

Wait... Not quite ready to book a demo but want to find out more?

Please leave your details and one of our team will contact you to discuss your requirements.

Leave your details below &
we will call or email you back!

What's the best way to reach you, to schedule a demo with a networx expert?

Please leave your company details below:



View our privacy policy