Once the GDPR comes into effect in May, as an organisation you will not only need to ensure that every candidate agrees to how you intend to process and store their details but also keep a record of when this consent was given as proof should this be required.
The simplest way to ensure you obtain the necessary consent every time is by introducing a centralised registration portal that requests the candidate’s view and agree to your Privacy Policies and automatically records the time and date they provide consent.
But what happens when you receive a CV or application via email?
Whether the candidate is applying speculatively or for a specific role, even though the candidate has sent you their CV this doesn’t give you the necessary consent to manually add their details to your recruitment software – nor does it give you the necessary consent to store their details in a filing cabinet.
Although it is possible to obtain consent via a more manual process (i.e sending a message/email to the candidate asking them to agree to the data they have provided to be held etc) the process will undoubtedly be much slower and cumbersome with the following also needing to be considered: Who will be responsible for obtaining consent? Where will this be stored? Where will you store the CV? Who will have access to it? How do you control how long the data is kept?
An applicant tracking system therefore provides the obvious solution.
Find out how our recruitment software has been developed to support this key GDPR requirement.
As an organisation, networx have undergone extensive GDPR training and are recognised as fully Certified GDPR Practitioners.
Whilst every effort has been made to ensure that the information included in this article is accurate at the point of release this should not be relied upon as legal advice or be used to determine how GDPR will apply to your and your organisations.
We encourage all organisations to seek the advice of a legally qualified professional to discuss GDPR and how best to ensure compliance.