If you haven’t heard of the General Data Protection Regulation (GDPR) legislation then that probably makes you one of the lucky ones, because news of the soon-to-be-introduced EU regulation has been everywhere.
The GDPR legislation comes into force on 25 May this year and will bring with it strict new rules regarding the handling and processing of consumer data. Preparing for the new rules has given plenty of businesses some serious headaches, but as a candidate there’s absolutely nothing for you to worry about. There are however a few things that might change.
Providing a new layer of protection
The protection of personal data has been a hot topic in recent weeks given the Facebook debacle and the grilling Mr Zuckerberg received from Congress. This highlights just how important it is that the existing legislation in the UK, which dates back to the 1990s, is updated.
In response to the new rules, recruitment agencies, consultants and online job boards will have to make changes to their data policies in order to avoid falling foul of the law. Failure to do so could lead to penalties of up to €20 million or 4 percent of annual turnover, whichever is greater. Inevitably, these changes could impact the way candidates are signed up as well as more general recruitment processes.
What do you need to be aware of?
So what’s likely to change from a candidate’s point of view?
- The new rules are EU-wide
Well firstly, the new rules apply to companies that hold information about anyone in the EU. So, even if you are signed up with a bilingual recruiter in the UK but are currently living or working elsewhere in the EU, the regulations will still apply.
- You have the right to be forgotten
One of the biggest changes for job seekers is the fact that you’ll be able to request to see all the information recruiters and job boards hold about you and ask for that information to be deleted. The firm must respond to your request within 30 days.
However, there are also circumstances where personal data is essential for fulfilling a contract or to comply with legal requirements under which companies can continue to hold your personal information without your consent.
- The importance of consent
Another major change focuses on the issue of consent. Once the GDPR is in force, companies must keep records of how and when candidates gave their consent for their personal information to be stored and processed.
Importantly, a tick box will only be an acceptable way of obtaining consent if it is clear and unambiguous. A pre-ticked box will no longer be sufficient. As the candidate, you will also be able to withdraw your consent at any time and companies will need to show that your personal data has been erased.
- Data breaches
The new rules are equally stringent when it comes to security. If a data breach does occur and your personal data is stolen, the Information Commissioner’s Office (ICO) must be informed within 72 hours. That disclosure must be made along with a proposal for mitigating the impact of the breach.
- Your right to report non-compliance
When applying for a job, if you don’t think the relevant terms of the GDPR have been met then you have the right to report the non-compliance to the ICO. It will then be investigated on a case-by-case basis.
Taking your privacy seriously
At Linguistica Recruitment, you can rest assured that we take the security and privacy of all our candidates very seriously and will be adhering to the terms of the new regulations.