The General Data Protection Regulation (GDPR) takes effect on May 25, 2018. The below article outlines some of the many changes we have made to the JobBoard.io platform in order to make your compliance obligations with GDPR easier.
Provide the contact info of your Data Protection Officer (DPO)
From our new Privacy Center you can specify a Data Protection Officer email. This allows you to specify a dedicated privacy contact which our system will use to notify on key events such as a Job Seeker or Employer exporting their data, or deleting their account. This is helpful if you also collect end user data elsewhere in external systems and allow you to make sure that their data is not only deleted in the JobBoard.io platform, but in your external systems as well.
Flexibility, granular control and tracking of end user agreements
Via our new Privacy Center, you can manage your Privacy Policy, Terms & Agreements, create customer agreements and even one line Simple Consents (i.e. to get opt in for additional ways you’d like to use data). You can control what agreements appear on what forms (Profile, Employer, Job Application, etc) and how people agree (explicitly or implicitly). You’ll even be able to gain re-consent should a key policy change. We track and store the timestamp and version of every agreement. In order for you to draft more
Respond to Right to Erasure requests
Job seekers and Employer have always had the ability to self delete their accounts. Job Board owners may also do so via the admin panel. You can now also completely delete Job Alerts (not just unsubscribe them), and delete Job Applicants via our new Applicants manager. For Applicants – you can also choose to simply “Anonymize” them, which will delete all personal data but maintain the record of the Job Application for reporting purposes. In addition, for Apply Link tracking, we now completely Anonymize the IP address after geocoding – making it no longer a source if personal data. Your DPO email address will be notified of self service erasures.
Respond to Right of Access Requests
While you have always been able to export Job Seeker and Employer data, end users themselves can now export their data via self service. This export meets the requirements of GDPR by exporting in machine readable format (JSON) in order to be more easily imported into another system. The export includes all the data they are able to input, including Job Application history for Job Seekers and Job Postings for Employers. Your DPO email address will be notified of self service exports
We will continue to update you as we add more enhancements to the platform relating to GDPR and improved Privacy and data controls!