On May 25, 2018, the General Data Protection Regulation (GDPR) went into effect. It’s a legislation that gives residents of the European Union more control over their data. It applies to you if you deal with the personal data of EU citizens, even if your business does not have a physical presence in the EU.
Our GDPR Commitment
As your applicant tracking system, enlist is committed to help you meet your GDPR obligations. Over the past few months, we have made several changes to our products as well as our policies. In this article, we will give you a brief overview of the tools we now offer.
As a data controller
As a data controller, enlist stores your personal data. Here are the steps we have taken to be compliant with GDPR.
EU-U.S. Privacy Shield Compliant
Under the GDPR, transfers outside the EEA is not allowed unless there are adequate protections. Enlist has self-certified to the EU-U.S. Privacy Shield.
Updated Terms & Privacy Policies
We have updated our services to start collecting explicit consent wherever applicable. In addition to that, you will have the option to withdraw your consent at any point in time.
To avoid retaining your personal and candidates’ data indefinitely, when you close your account with enlist, all your data is deleted from enlist within 14 days.
We have built tools to help you export all the candidates’ data in your account.
As a data processor
As a data processor, enlist helps you process candidates’ data. We have built several features to help you be compliant with GDPR. You can find an overview of what we've done here.
Questions? We're always here to help. Just drop us an email at firstname.lastname@example.org.