The GDPR briefly explained
The GDPR is a European regulation that came into effect on 25 May 2018 and replaces the Personal Data Protection Act (WFP). The purpose of this regulation is to make the European exchange of data safer and more transparent. Organizations must handle your personal data with care and may not keep this information for longer than is strictly necessary and only for a specific purpose.
Which job application data is covered by the GDPR?
All information that you process in your resume and cover letters, as well as the information that is processed in notes during an interview about you, falls under the GDPR. Is doing an assessment, a screening, a psychological examination or a medical examination part of the application process? Then this data also counts as personal data.
What personal data may an employment agency or recruiter provide to a client?
A recruiter has a slightly different job than a corporate recruiter. The job of a recruiter is to match the wishes of the employer with those of a suitable candidate where the recruiter is not employed by the employer. A corporate recruiter is employed by the organization for which he is recruiting right to be forgotten Examples.
When a recruiter or intermediary is looking for a suitable candidate at an employment agency, he will have to share the data of this person with his client. In this case, the provision of data is necessary and relevant for the purpose for which the data is provided. A recruiter may share the following application information with his client:
- Your name and place of residence
- Your accessibility
- Your relevant work experience , education and courses
- Whether you have a driver’s license (if relevant to the position)
- Your language skills (if relevant to the position)
- Your resume
If you are already working somewhere as a temporary worker, the following information may also be shared:
- Your phone number , email and address (on request)
- Your employee number
- Your date of birth
- Your gender
- Your BSN (once in the context of the hirer and chain liability)
Which personal data may not be shared?
Employment agencies or recruiters are prohibited from processing special personal data unless there is a legal exception. By special personal data we mean sensitive data such as a person’s race, religion or health.
A passport photo
A passport photo on a CV also falls under the heading of special personal data. You can deduce someone’s origin or religion from a photo. If you give permission as a candidate for the storage and processing of your passport photo by third parties, an employment agency or recruiter can share it with the client. This permission is only valid if the provision of a photo is voluntary and there are no adverse consequences if it is not provided. An employment agency or recruiter may not ask an applicant to send a photo if this is not necessary for the assessment of your application.
Medical data also falls under the GDPR category of special personal data. Recruiters or employers may not ask you questions about your health and may not share this information with others. If you have medical restrictions that could affect the performance of the position, you must report these yourself.