GDPR & OnRecruit

The General Data Protection Regulation (GDPR) is a new data protection law brought in by the European Union that is intended to replace EU Data Protection Directive (Directive 95/46/EC). It was established to strengthen the protection of data of individuals, and giving them greater control over how their data is used online.

In relationship with our clients, OnRecruit is a data processor. We process data on behalf of the controllers who owns the data, which are our clients. We have data processing agreements with our clients.

OnRecruit has taken the required measures in order to become GDPR compliant. Here’s a selection of the actions we took. 

Data Minimization: OnRecruit only uses the amount of data is actually needed to successfully operate our client’s business and achieve their company goals. This includes, but is not limited to the pages candidates visit and the devices they use.

Pseudonymized & Anonymized Data: OnRecruit does not store any identifiable information. We attach a reference number which the customers ATS uses as a reference to a candidate. We do not store any personal information about candidates.

Anonymous IP Addresses: We store anonymous IP addresses. This is done in order to help us identify people, website and bots.

Law Firm Specialized in IT Legal Issues: Our processes are backed by a third party.

Updated Terms & Conditions: We have updated our terms and conditions to comply with the GDPR, and also help our customers do this.

Data Security: We have taken the organizational and technical measures in relation to data security.

DPA: OnRecruit has created Data Processing Agreements with our clients.

“It makes companies really think about how to protect their customers, users and visitors. It helps companies to be conscious about what kind of data we are storing about a person and what makes sense to achieve their company goals.”

Dirk Meeuws, CTO and Chief Success Officer at OnRecruit