TechFetch H1B Services is a company that provides services of online Pre Employment Tests to the employers of various organizations and companies to help them choose the right candidates for the job roles they are hiring for. The company helps employers in choosing the right skill analysis tests suitable for the specific job roles for which the candidates are interviewed for.
In order to conduct these tests, TechFetch H1B Services needs to have access to the personal details of the candidate so that the test to be conducted without any hindrance. Therefore the company is obliged to follow Data Protection and Privacy guidelines set forth by the EU in General Data Protection and Regulation or GDPR.
The primary aim of GDPR is to ensure that the organization processes the candidates' data safely and transparently and use it exactly for the purpose for which the data was procured in the first place. TechFetch H1B Services follows the rules and regulations as per GDPR so that the collected data is used only for the purpose of smooth functioning of the tests and to make sure that the data is not leaked or breached in any case.
The Company’s approach in regard to the GDPR compliance is explained and outlined in the coming sections .
Recruitment is the first process of TechFetch H1B Services in which employers are assisted in conducting the skills tests and thereby shortlisting candidates for the final interview. This includes all the personal details of the job applicants to be fed into our websites for registration. Therefore, as per GDPR guidelines, TechFetch H1B Services acts a Data Processor whereas our clients who are the employers or management of the organization acts as the Data Controller.
The Data Processor has the authority to handle the data received from the Data Controller with precision and supreme care. The safety and security of this collected data is taken into highest account and precautionary steps and care is taken as per GDPR guidelines. Also, in accordance with Article 32 of the GDPR guidelines , an incident response plan is pre planned to take control of the situation in case of any unpleasant incident that might put the personal data of the candidates at risk.
The Pre-Employment Skills tests are usually conducted using the personal mail id of the candidates. Also, our clients or employers have access to additional information like the resumes of the applicants. The personal information that helps in candidate identification like the name of the candidate, gender, education details, residence, etc, requested by our clients will also be in regards to GDPR.
The Article 5 of GDPR mentions that the data can be collected only for explicit reasons and specified purposes which are legitimate enough and hence it should not be further utilized or processed in an unethical manner. This is in order to ensure that the data is processed in a transparent and fair manner.
According to Article 6 of GDPR, the data can be lawfully processed by TechFetch H1B Services because of the following reasons:-
TechFetch H1B Services ensures that the company receives the consent of the candidates before proceeding with the analysis tests. The terms and conditions will be updated to the candidates in a message prior to participation to let them know about the transparency of the process of data collection. Even Though the candidates can cancel their consent at any time as per GDPR guidelines, this request can be denied if data processing is highly necessary for legitimate reasons set forth by the controller. Hence TechFetch H1B Services will proceed based on the direction from our customer.
The data collected from the data controller is handled by using the following steps or processes :-
The candidates are entitled to know the details regarding the security aspects involved during data handling while collecting data from our clients.
According to Article 46, it is possible to transfer data across EU borders if the data controller or the customer and the Data Processor or the Interview Mocha have made an agreement which includes clauses specified by the EU. Also the later should have taken the necessary security measures required for the transfer. The transfer is to be completely in compliance with the GDPR. Article 49 also provides confirmation regarding this by stating it can be done for the necessity of carrying out a contract between the data controller and the data subject.
TechFetch H1B Services gives full guarantee on the secure keeping of your data. The private information is not supposed to be stored for longer periods as per GDPR. Hence TechFetch H1B Services provides a flexible system for our clients or data controllers. As per their need, we maintain or delete the database for a specific period of time.
The personal database can also be retained if necessary for only the limited purpose of the task at hand. This is done only when that particular data is needed for processing for an urgent and specific purpose which is mentioned within our privacy policy. Otherwise, the data is not stored for longer periods than it is necessary.
All the activities and tasks related to the individual data of a candidate needs to be maintained by the representative of each data controller within a well maintained record as per the Article 30. Our company maintains a detailed log of all the processes involved and any additional tasks will be recorded as per customer needs in compliance with the policies.
The Article 33 of the GDPR specifies that the authority who is in the superior position needs to be made aware of any kind of breach in data within 72 hours of the happening of data breach. Our company has the necessary facilities and mechanisms for monitoring data to be notified of any such violations. Within less than 24 hours of the incident, we will notify our customers or data controllers about the situation in case a breach is discovered. Article 33 has guidelines on the measures needed to be taken for communication between the processor and the controller. In this way, we ensure that our customers have required time needed for contacting the authority on data breach.
TechFetch H1B Services gives importance in protecting and managing the database received from our clients in the utmost secure way with regards to the guidelines put forth in the GDPR regulations and laws. We ensure compliance in both ways which includes our company M/s TechFetch H1B Services as the data processor as well as our clients, the employers or the data controllers. Both parties are expected to be in accordance with the rules and regulations of GDPR. And hence we assure that our company and its processes are GDPR compliant in every aspect involving data handling of the profiles of candidates or the data subjects.