GDPR & Q830-96 Compliance


GDPR & Q830-96 Compliance

DSML Executive Search is committed to full compliance with the General Data Protection Regulations (GDPR) and Canadian Protection of Personal Information (Q830-96) standards.

What this the GDPR?

The GDPR, (like the CAN Q830-96 standard), establishes clear requirements governing how an organization manages and protects personal data while respecting individual choice – no matter where data is sent, processed, or stored.

The General Data Protection Regulation, in effect from May of 2018 is being instated with the goal of establishing a standard for personal data protection for EU citizens. These new data regulations will affect any company that:

  • Operates in the European Union
  • Has clients Operating in the EU
  • Processes data on EU citizens

 

What does this mean for both our clients and our candidates?

For Clients:

DSML Executive Search provides recruitment services for European and Canadian companies doing business in the United States.  Our clients need to know that vendors who provide them with business services follow the GDPR (or Q830-96) standards.

DSML Executive Search has subscribed to a customized CRM platform, that, for clients, business contacts, and, most importantly, candidates:

  • Manages privacy preferences, permissions and consent
  • Creates a dedicated data privacy record
  • Easily complies with Right of Access and Right to be Forgotten requests
  • Accesses a comprehensive suite of compliance tools

 

All client information provided to us, regarding client sales, processes, business plans, etc. will only be used for the express reasons that it has been provided.  DSML Executive Search will never disseminate any client information to any other organization without express permission.  Any client information provided to us will be deleted from all records within 30 days of a client request.

For Candidates:

DSML Executive Search has always kept candidate information in the highest confidence.  We have never submitted a candidate resume to any client without the candidate’s knowledge and implied permission.

  • Under the new GDPR rules DSML Executive Search will be strengthening the permission process further so that there is no question how a candidate’s resume and personal information is used.
  • DSML Executive Search has never called, and will not call, upon any reference provided to us by a candidate, without the candidate giving us express permission.
  • All personal data on candidates is gathered lawfully and for specific purposes only. (Personal data is “Any information related to a natural person or ‘Data Subject’, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address.” )
  • The only way that DSML Executive Search will use any candidate data is through the candidate giving us explicit permission.
  • The storage of any candidate information is not indefinite. DSML Executive Search will establish time limits for review and possible erasure of information.
  • Candidates are entitled to request access to any data held, including notes and comments about them. Candidates have the right to rectify or erase the information being held by DSML Executive Search, (within one month of receipt of the request).