General Data Protection Regulation 2016 (GDPR)

GDPR is a European Directive that became law on 25th May 2018. This directive supersedes previous Data Protection Laws. GDPR applies to companies that process data of EU residents. This covers EU organisations and non-EU companies that offer goods or services to EU residents or monitor their behaviour. Organisations who are not compliant, risk being fined up to 4% of their annual global turnover (revenue) or €20 million, whichever is greater. Companies may also see their reputation hurt by fines or reprimands.

In respect to the recruiting function, the GDPR refers to:

Candidates or “data subjects.”
Candidates are the data subjects because they can be identified through personal data they give to companies. For example, their resumes may include their names, physical addresses or phone numbers. The GDPR exists to protect this kind of data.

Employers or “data controllers.”
Employers, or recruiters who serve as their company’s main representatives to candidates, determine the purpose of collecting candidate personal data. This makes them the data controllers who are fully responsible for protecting candidate data and using it lawfully.

Applicant Tracking Systems (ATS) and other recruitment software/services or “data processors.”
Our ATS is a data processor because it processes candidate data on behalf of your company following your company’s instructions. Data processors often have “sub-processors”.

GDPR & Candidates:

The Logiskills Group processes personal data from the candidates when they use our services to find employment. The Logiskills Group becomes the Data Controller when candidates register and consent for the Group to process their data.

Under GDPR, consent is given voluntary and specific for the reason for processing. Therefore the Logiskills Group will need consent for processing data (onto the Logiskills Group database), separate consent is also required for sending CV’s to a client, consent for sending other personal details to a client, ie telephone number, e-mail, SKYPE address etc.

At any stage, a candidate can refuse consent and request that all/some information is removed or restricted from the database.

It is for these reasons that you will receive a number of different consent emails from our consultants.

GDPR & Clients:

The Logiskills Group and its clients must adhere to the General Data Protection Regulation at all times throughout the recruitment process if they are to avoid potential fines as a result of an investigation by the Data Protection Commission. As both the Logiskills Group and clients will be processing personal data, both are deemed Data Controllers. To ensure compliance and protection for both our clients and the Logiskills Group, we issue a Data Sharing Agreement (DSA) which is signed by both parties. Some clients may prefer to issue their own DSA to us for our signature. Unfortunately, no candidate details can be sent to any clients where a Data Sharing Agreement is not in place.

The DSA is a commitment that candidates details will only be processed in the manner the consent was given.

The Logiskills Group strictly adheres to GDPR and this is reflected throughout the whole recruitment process for both the clients and the candidates. The candidates know their data will not be processed or shared without consent and that companies who they have consented to receive their CV will have a Data Sharing Agreement in place.

Clients know that the candidate has given consent to have their details sent and that The Logiskills Group have an audit trail of consent and communications to support this in the event of a complaint.

Personal Data is important to the Logiskills Group and we pride ourself on implementing GDPR throughout all stages of the recruitment process. This professionalism is reflected in the service that we offer both the clients and the candidates.

For further information on the Logiskills Privacy Policy please see https://www.logiskills.ie/privacy-statement