A Brief Guide to Data Protection for CPs
We like to keep it simple, so here are three essential facts that all CPs need to know.
The individual owns their profile data so you can only show their profile to them, not to their manager and not to the HR department.
As a CP you are permitted to view the profiles of employees in your organisation. You may also nominate an administrator to handle profiles. The administrator should be asked to simply process documents without inspecting the content. Individuals are welcome to share their profiles as far and wide as they wish, but you cannot do this without their expressed permission.
Discovery profiles must not be used in the recruitment process. There are no exceptions to this rule.
Since the introduction of GDPR legislation Insights have not permitted the use of profiles for interview candidates. The reason is that even if the employer does not think they are applying any pressure, the candidate’s concern about not being taken forward to the next stage of the interview process is likely to affect their choices. Free consent is an important part of GDPR and interview candidates are not considered to be in a position to freely give consent.
Individuals can request to have their personal data deleted by email. This will delete all records from Insights and The Colour Works.