In order to make sure A2Z Events is compliant as a data processor, and to ensure that you are compliant as a data controller, A2Z Events made an update to your a2zA2Z Events-powered website on Thursday, May 10, 2018:
- A checkbox will be placed on the 'Add Account' screen for contacts adding themselves into the a2z database. The checkbox will designate approval to a data usage policy. This will be required for every new contact entering the A2Z Events system.
- When an existing contact attempts to update their contact information, they will also be required to check this checkbox.
- The date that this box was checked will be stored in the contact record in Global Admin. Additional assessment and updates for Online Exhibit Contract, Online Sponsorship Sales, Call for Papers, and Booth Personnel Management, forms on which submitters may add contact records as representatives for colleagues, are also underway.
- Please note that no downtime is expected for this update to your site.
On May 25 2018, a new data protection framework for the European Union (EU), the General Data Protection Regulation (GDPR), will come into effect. This is the most significant data protection legislation introduced in Europe in the past 20 years. It is intended to harmonize data privacy laws across Europe, protect and empower the data privacy of all EU citizens, and reshape the way organizations across the region approach data privacy.
Any organization that offers goods or services to EU citizens must comply with the GDPR.
At Personify we take data security seriously. We’ve been working hard to make sure we meet our obligations under the GDPR and are transparent about how we process data.
We are Here to Support our Clients and Candidates
The GDPR clearly defines the roles that different organizations have when managing or dealing with personal data.
There are two major roles – Controllers and Processors. Controllers are organizations that deal with personal data. Personify clients are Data Controllers because they collect data, decide what will it be used for, and how will it be used. Personify plays the role of the Data Processor because Personify processes this personal data, provided by the clients and their candidates, on their behalf. In each role that we play, we are committed to the privacy of our clients and candidates, and outline our GDRR commitments and compliance below.
Data Subjects include candidates, as you are supplying data that can be used to identify you, such as your name, email, contact information, and other such personal information when you apply to one of Personify’s open positions or join one of our Talent Communities. For those candidates who are applying directly to a Personify job position, Personify plays the role of the Data Controller, since we are collecting candidate data for our own internal hiring process. For those candidates who are joining one of our Talent Communities, we play the role of both Data Controller and Data Processor, as we are collecting your candidate data for the purposes of sharing information with and contacting you about job opportunities with our Clients in subject areas and job families you have elected to join.
Data Processing Commitments
Personify may collect Personal Information on behalf of and under the direction of our clients, but we have no direct relationship with the individual employees and job applicants of our clients who provide that Personal Information. Personify engages third party service providers in order to assist us in providing the services to our clients, and Personal Information collected through Personify will be shared with these service providers. Personify’s obligations regarding data transfer to third party service providers is covered in its contracts with its clients, and the third party service providers are only permitted to use the Personal Information they receive as is necessary to provide the Services to Personify’s clients. In addition, the third party service providers are required to keep the Personal Information confidential. Except as provided in this Privacy Policy, Personify will not disclose your Personal Information to third parties without your consent.
Individuals who are either employed by or applying for jobs with Personify clients have the right to ask the Personify clients to correct, amend, or delete data pertaining to those individuals. If you wish to have your Personal Information deleted from a Personify client’s database, please contact that customer directly to resolve your concern.
Privacy Policy
Our privacy policy is consistent with the GDPR requirements. Our policy outlines our commitment to maintaining the privacy of our clients’ and candidates’ personal data. It also explains what we have done to make sure our clients’ personal data is secure and what choices are available to them.
The Rights of Data Subjects
Our clients and their candidates can already access, correct, and modify their personal data stored on our databases or in those of our sub-processors. If you have joined a Talent Community, you can access, correct, and modify your personal data by accessing your account preferences page through the Service.
Clients and Candidates can also contact us at privacy@personifysearch.com if they would like to access, correct, or remove their personal data. As a Processor, we will forward these requests to the relevant clients and help them respond, if needed.
Data Deletion
We have put in place robust mechanisms to delete our clients’ or candidates’ data upon request or at the end of their contract. Clients can also ask us to permanently delete their company data or candidates’ personal data stored on our databases or in those of our sub-processors at any time. If you are a candidate for a position at Personify or have joined any of our Talent Communities and would like to delete specific data, please contact us at privacy@personifysearch.com.
To view the Data Usage and Privacy Policy which will be presented to your end users, please click here.
If you have any questions, please feel free to reach out to us.