With GDPR, companies are required to provide a variety of details at the time data is requested (for example, when a candidate applies to a job), including why you are requesting certain information, how long it will be stored, where it will be sent, and any safeguards in place relating to the transfer of data. You can provide the required GDPR notification on job posts as a custom application question.
Note: Seek the advice of your legal counsel to configure the GDPR notification text as it applies to your business. A Greenhouse Recruiting example of an Article 13 notification is provided below to serve as a starting point, but Greenhouse Software cannot guarantee that this text will ensure GDPR compliance for your company.
Add GDPR information to all job posts using standardized job post descriptions
Your organization can add its GDPR disclosure as a statement on all job posts on a given job board by enabling standardized post descriptions and including the GDPR information in the introduction or conclusion. To learn more about configuring standardized post descriptions, click here.
Add GDPR information to a single job post
Alternatively, your organization can add a GDPR disclosure to a single job post at a time by adding it to the description. To do this for an existing job post, click Jobs from the navigation bar. On the subsequent page, click the job to be edited.
From the Job Dashboard, click the Job Setup tab and navigate to Job Posts on the left-hand panel.
From the Job Posts page, click the Edit icon inline with a specific job post.
On the Job Post Edit page, navigate to the Post Description panel and add your GDPR disclosure notice. Scroll to the bottom of the page and click Save when finished.
Repeat this process as necessary to add your organization's GDPR disclosure notice to all applicable job posts.
Add GDPR acknowledgement as an application question
Alternatively, you can add GDPR acknowledgement as an application question on a job post so that candidates must acknowledge the information before applying. To add a custom question to a job post, click Jobs on your navigation bar and select a job from the subsequent list.
Click the Job Setup tab, then select Job Posts on the left.
From the Job Posts page, click Edit beside a specific job post.
Scroll to the Custom Application Questions and click Add Custom Question.
Use the subsequent box to input a title in the Question field and disclose your GDPR information in the Description field.
Select Single select from the Answer type drop-down menu, and input a statement of acknowledgement in the Options field.
Additionally, click the checkbox to make the question Required.
When you have finished, click Save.
When you have finished, click Preview to review the GDPR disclosure on the job post.
Click Save to confirm the change.
All applicants applying through the job post must acknowledge the GDPR notice before they can successfully submit their application.
Greenhouse Recruiting GDPR notice example
Note: Seek the advice of your legal counsel to prepare your GDPR notification text as it applies to your specific business. What follows below is an example of an Article 13 notification. Greenhouse Recruiting cannot guarantee that this text will ensure GDPR compliance for your company.
Example: When you apply to a job on this site, the personal data contained in your application will be collected by [CONTROLLER] (“Controller”), which is located at [ADDRESS] and can be contacted by emailing [EMAIL]. Controller’s data protection officer is [DPO NAME], who can be contacted at [CONTACT INFORMATION]. Your personal data will be processed for the purposes of managing Controller’s recruitment related activities, which include setting up and conducting interviews and tests for applicants, evaluating and assessing the results thereto, and as is otherwise needed in the recruitment and hiring processes. Such processing is legally permissible under Art. 6(1)(f) of Regulation (EU) 2016/679 (General Data Protection Regulation) as necessary for the purposes of the legitimate interests pursued by the Controller, which are the solicitation, evaluation, and selection of applicants for employment.
Your personal data will be shared with Greenhouse Software, Inc., a cloud services provider located in the United States of America and engaged by Controller to help manage its recruitment and hiring process on Controller’s behalf. Accordingly, if you are located outside of the United States, your personal data will be transferred to the United States once you submit it through this site. Greenhouse is certified to the EU-U.S. Data Privacy Framework, which the European Commission has determined ensures an adequate level of protection – comparable to that of the EU – for personal data transferred from the EU.
Your personal data will be retained by Controller as long as Controller determines it is necessary to evaluate your application for employment. Under the GDPR, you have the right to request access to your personal data, to request that your personal data be rectified or erased, and to request that processing of your personal data be restricted. You also have to right to data portability. In addition, you may lodge a complaint with an EU supervisory authority.