Recruitly Logo
Signup

GDPR Policy

The EU General Data Protection Regulation (GDPR)

The GDPR came into effect in May 2018. The regulation applies to all businesses processing the personal data of EU citizens, whether they are inside or outside of the EU.

Recruitly as your Data Processor

Recruitly acts as a data processor on behalf of our customers. As a customer of Recruitly, you are entering into an agreement which gives us a legitimate basis to process your data (in line with GDPR requirements).

The security of customer data has, and always will be, taken extremely seriously. Our infrastructure is hosted by Amazon Web Services (AWS), which provides industry-leading security and has a long list of internationally recognized certifications and accreditations including: ISO 27017 for cloud security, ISO 27018 for cloud privacy, SOC 1, SOC 2 and SOC 3, PCI DSS Level 1 and many others.

All customer data is backed up at regular intervals and stored in two alternative locations within the EU at all times, as per AWS recommended guidelines. Finally, security and performance tests are carried out at regular intervals to ensure the smooth running of the service.

Along with a standard username and password, all customer databases can be secured with additional layers of security including: SSL Authentication, Access Control Lists, and use of the in-built comprehensive Permissions System. All customer data can be exported at any time from within the system by an authorized user. Finally, there is a detailed system log which provides an overview of activity on the database for auditing and security purposes.

Recruitly operates a live support chat system which is built directly into the database.

In the unlikely event of a data breach, Recruitly has strict procedures in place to report this to customers, and the ICO within 72 hours of discovery.

Recruitly does not share customer data with any third parties without express written permission.

Your Rights

Under the General Data Protection Regulation, you have a number of important rights free of charge. In summary, those include rights to:

  • Access to your personal data and to certain other supplementary information that this Policy is already designed to address.
  • Require us to correct any mistakes in your information which we hold.
  • Require the erasure of personal data concerning you in certain situations.
  • Receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations.
  • Object at any time to processing of personal data concerning you for direct marketing.
  • Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you.
  • Object in certain other situations to our continued processing of your personal data.
  • Otherwise restrict our processing of your personal data in certain circumstances.
  • Claim compensation for damages caused by our breach of any data protection laws.

For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals' rights under the General Data Protection Regulation.

Exercising Your Rights

If you would like to exercise any of those rights, please:

  • Contact us using our contact details below.
  • Let us have enough information to identify you.
  • Let us have proof of your identity and address. Where you are a user of our services, you should email us from the email address that you used to register with Recruitly. Receipt of an email from this address will usually be sufficient to confirm your identity. In all other cases, we may request one or more identification documents, such as a copy of your driving licence or passport and a recent utility or credit card bill.
  • Let us know the information to which your request relates.

How to Complain

We hope that we can resolve any query or concern you raise about our use of your information.

The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live, or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.

Contact

All questions, comments, and requests regarding this policy should be addressed to support@recruitly.io.