The information provided about how you process a candidates data must be concise, transparent and easily accessible. We recommend you publish it clearly on your website, registration and application forms.

It also doesn't do any harm to include links within any bulk emails you might be sending, particularly if it's the first time you're contacting those candidates in a while.

Your candidate agreement should include:

  • How you store candidate information

  • How long you keep that candidate information

  • What rights candidates have to access their data

  • The right for candidate data to be deleted on request

  • The reasons why you are storing their data

ICO have a great checklist for drafting your agreement if you haven't done so already.

Disclaimer: This information on EU data privacy should not be taken as legal advice for your company to use as guidance when complying with EU data privacy laws like the GDPR. Instead, it should serve as background information to help you better understand how Firefish Software is and will be addressing some important GDPR requirements that you will be legally obliged to show intent to comply with. So please – do not use this information as legal advice, nor as a recommendation of any particular legal understanding. Remember, we’re not lawyers!


Did this answer your question?