May 17, 2018
What is the GDPR?
The EU General Data Protection Regulation (GDPR) is the new European data protection law that replaces the existing 1995 EU Data Protection Directive. It will come into effect on May 25th, 2018. It will be the main data protection law throughout all EU member states and applies to any organization outside the EU that offers goods/services to those within the EU.
HRSG will comply with GDPR when it become enforceable on May 25th, 2018. If you use our CompetencyCoreTM software, that involves us transmitting and storing some of your personal data. We are very aware and cognizant of our responsibilities of protecting your data and privacy.
If you’d like more information, please read our Privacy Notice in full. It describes our practices regarding the collection, use, and disclosure of the information we collect from and about you when you use CompetencyCore and its related tools and services. Here we will focus on a few key highlights:
How we use your information
How we use your information may depend on which Services you use, how you use them, and any preferences you have communicated to us. Use of your information is also determined by your administrator and your organization. Generally, this use is related to making employment decisions and evaluations through our Service features. We use the information we collect to provide services, support, safety and security, and more.
As part of the Services, the information collected about you may be shared with third parties. Depending on the Services you use, this may include sharing your information to other service users or to our service providers.
Storage and security
We take the security of your personal data very seriously and implement commercially reasonable safeguards designed to protect your information. We protect your data by employing industry standard scans and proactive tools and processes such has: Tenable Cloud Vulnerability scanning twice a week, Mod Security to protect against data leaks, Routine QA testing to look for security vulnerabilities, and more! Refer to the Privacy Notice in full for a complete list of data protection processes.
We keep the data you provide and collected by your use of the Services for as long as an active subscription exists or as required for the purposes for which it was initially collected. If your account is deactivated or disabled, some of your information and the content you have provided will remain to allow other users to make full use of the Services.
Personal information and Your Rights
You have the right to request a copy of your information, to object to our use of your information, to request the deletion or restriction of your information, or to request your information in a structured, electronic format. Your requests may be limited in certain cases. For example, where fulfilling your request would reveal information about another person and have an adverse effect on his/her rights. Here are some of the rights outlined in our Privacy Notice: Right to Access and Update, Data Portability, Right to Object, and more! Refer to the Privacy Notice in full for a complete list of your rights obtaining to your personal information
Note to end users
Where the Services are made available to you through an organization (e.g. your employer) (our “Client”), that organization is the administrator of the Services and is responsible for the accounts and/or Service sites over which it has control. Please direct your data privacy questions and requests to your administrator, as your use of the Services is subject to that organization's policies. We are not responsible for the privacy or security practices of an administrator's organization, which may be different from this policy.