GDPR Compliance Overview

What is GDPR?

GDPR, short for General Data Protection Regulation, is a series of regulations established by the European Parliament and Council of the European Union in April 2016. Officially initiated on 25 May of 2018, GDPR replaced the earlier Data Protection Directive as the leading law on data protection within the European Economic Area (EEA) and European Union (EU).

Primarily and most importantly, GDPR empowers individuals with the right to control their personal data.

Additional Resources:

  1. 1. Official Journal of the European Union: General Data Protection Regulation
  2. 2. Official Journal: Data Protection Directive
  3. 3. European Commission: Rules for business and organizations

About Manatal and GDPR compliance

We at Manatal are committed to deliver the tools required by today’s talent acquisition professionals--not solely to hire top talents, but also to support compliance throughout every region.

  • We provide you with tools supporting your GDPR compliance.

  • We encrypt and secure all of your data using the latest technologies.

  • We allow access, modification and permanent deletion of your data.

How Manatal helps you stay compliant

As personal data privacy, yours as well as that of your candidates, is of the utmost importance to us, our platform was designed to simplify and ease compliance to GDPR regulations. To that end, we’ve included features that help Manatal users meet the specific requirements set by the GDPR.

Our goal is to provide you with the tools necessary to adhere to data privacy laws and regulations, and remain informed of the various rights accorded to yourself and your candidates as you recruit.

Data Security

Manatal ensures the highest level of security for its clients by:

In addition, our servers are located in the US and we are currently hosted on AWS (Amazon Web Services), one of the most secure and comprehensive cloud-service providers in the world.

AWS offers several compliance measures available to all customers. These measures ensure that AWS will give the customer’s data the same high levels of security, privacy, and data protection that it would receive in the EU. This allows the transfer of candidates’ personal data from the EU to the US with a level of data protection that is acceptable under EU law.

You will be able to find more information by visiting the following links:

Data Subject Consent

According to our understanding of Article 6 of the GDPR (quoted below), collecting resumes and other relevant information from candidates is considered a “legitimate interest” for a company trying to evaluate and hire/place candidates, and therefore companies should not be obliged to collect consent from job applicants.

1. "Processing shall be lawful only if and to the extent that at least one of the following applies:

Should your interpretation of what constitutes a "legitimate interest" differ from our own, Manatal's platform provides a full set of tools to help its clients gather, manage, and analyze consent from individual applicants.

Data Subject Rights

Under GDPR regulations, data subjects are protected by the following:

To help you remain compliant on those three requirements, Manatal includes a number of features:

If you have any other questions, please feel free to reach out at [email protected]

  • We encrypt all of our clients’ candidate databases.
  • We run daily back-ups of our database to ensure your information bank is safe.
  • For more detailed information, please check Manatal’s security page.
  • Out-of-the-box compliance reports and analytics allowing you to set up goals and guidelines to remain compliant.

Sign up to our newsletter