This information was last updated on May 18, 2021.
The General Data Protection Regulation (GDPR) was adopted in April 2016 to reinforce data protection laws for all citizens within the European Union (EU). Since 25th May 2018, GDPR is now in full effect and impacts all businesses working with personal data from the EU. That means all of us who has or will have candidates from the EU in their hiring pipelines. We will all have to comply with GDPR fully. As the chosen applicant tracking system (ATS) for many international companies handling EU data, we have a clear stance when it comes to GDPR.
If you use GoHire’s Applicant Tracking System then you are seen as a Data Controller. As a Data Controller, you have the responsibility for the protection of the personal data of your applicants. With such responsibility comes the need to have full control over how your Applicant Tracking System processes personal data.
We suggest that you take legal advice that will apply specifically to your company and ensure you fully comply with the latest GDPR requirements.
GoHire is seen as a Data Processor for the personal data of applicants that are processed with our Applicant Tracking System. Our mission is to make sure our users have all the tools required to shape their data processing as they see fit.
We have developed a special product roadmap that addressed all areas in GoHire impacted by GDPR. With the aid of our Data Security Officer and external law firms, we have outlined out a GDPR-tailored product roadmap that will assist our clients in achieving 100% compliance in their hiring activities. You can access GDPR specific settings in your account at Settings > GDPR.
For more information on the third-party services used by GoHire see our list of subprocessors.
GoHire’s core network is powered by a number of services provided by Amazon Web Services (AWS), hosted in multiple availability zones within the London region. We also enforce HTTPS for all connections to our web servers and operate strict firewall policies on our core infrastructure, limiting access to various areas of our network.
All data stored is encrypted at rest using the industry standard AES-256 algorithm. This protects against information leaking through physical access to the storage devices