In May 2018, the GDPR (General Data Protection Regulation) came into effect. It is now the main law which looks into how companies protect the personal data of EU citizens.
GDPR guidelines must be followed by every member state of the EU. Also any company that markets goods or services to EU residents, wherever it may be located, must follow GDPR.
Personal data is used for a whole lot of decisions made that affect us. Getting a loan, a license or a job is dependent on our data. Personal data can be used to influence our decisions and shape our behaviour.
Personal data in the wrong hands can cause individuals great harm.Without knowledge of what data about us is used and how it is being used we can become pawns into the hands of large companies who have our data. Besides we would become helpless without the ability to have a say in how our data is used. It is important to be able to object if data use is harming us, just as it is good to be able to erase our personal data that a company may hold.
Verve as the back office for recruitment firms is at any time in the possession of a large amount of data provided by both companies and individuals. Verve understands that ensuring a company/candidate that their data is secure and governed will build a better customer experience and will thus help in improving business.
By complying with the GDPR policy, Verve has learnt to- understand how data is sensitive, prevent unauthorized access to data and create a 360 degree view of the clients information.
Data consisting of racial origin, political opinions, religious beliefs or sexual orientation of a person constitutes sensitive data. Being GDPR compliant, Verve is very careful of the data that they collect from it's users/clients.
Verve Global Services follows strict principles to secure data of it's clients in the best possible way. Verve collects data only for specific purposes. Verve processes all data lawfully, transparently and fairly. Verve ensures that with personal and sensitive data, only that which is necessary for the specific purpose of processing is processed. Towards this end Verve implements the latest technical and organisational measures. Data collected by Verve is kept up-to-date. Verve stores collected data only as long as necessary. Verve processes data in a manner that ensures it's security.
Apart from this, the GDPR requires organisations to tell their clients and users about their eight rights. The right to be informed, the right to access, the right to rectification, the right to erasure, the right to restrict processing, the right to data portability, the right to object, and rights related to automated decision making and profiling.
As per the requirement of GDPR, Verve discloses the fact that it may be required to share data with third parties such as analytics, payment processors. Verve clearly specifies who these third parties are. Verve never processes sensitive personal data unless required by law. Under GDPR, users have well defined rights pertaining to access of their personal data. Verve informs it's users about this right and includes a contact information email that they can use to submit a request to receive a copy of their personal information. Verve stores data in a structured and machine readable format thus enabling data owner the right to data portability without any delays or unnecessary problems. Finally, as per GDPR guidelines, Verve provides right to erasure or right to be forgotten for personal data without any delay.
Thus Verve, as a GDPR compliant company not only handles consumer data sensitively but also provides its users various ways to control, monitor, check and if required delete any of their personal data that they want.
Verve values the access and use of their customers data and treats it as a privilege instead of a right. As expected by GDPR, Verve puts all the powers in the hands of it's users/clients when it comes to their data. Verve is thus up to par legally and ethically with (and inspite of) the complex digital age we live in.