GDPR Article 5 requires that personal data may only be collected "for specified, explicit and legitimate purposes and must not be further processed in a manner that is incompatible with those purposes." hireEZ and our customers, as data controllers, will therefore need to pay extra attention to what personal data is being stored and why. Both hireEZ and our customers will not store personal data that is not necessary or justifiable for that purpose, or use it for other purposes. In order to comply with GDPR, hireEZ has instituted the following:
hireEZ's privacy policy is located on our website and sets out our data collection methods, practices, and purposes, which allows for our users, customers and partners to be informed about their privacy rights and obligations in a transparent manner.
hireEZ appointed a Data Protection Officer (DPO), who is properly and timely involved in all issues related to the protection of personal data and reports to the highest management at hireEZ.
hireEZ sends out notices to data subjects informing them of their rights under GDPR and how they can exercise them through channels created by hireEZ.
hireEZ provides a portal on our website where data subjects can submit requests to exercise their rights with respect to their data, such as access, removal, and correction.
hireEZ enters into Data Processing Agreements with customers and data suppliers to contractually safeguard data processing activities.
hireEZ undergoes Data Protection Impact Assessments (DPIA) whenever there is a substantial change to our processing activities.
hireEZ has undergone a legal basis analysis, and reviews it whenever there is a major process change.
hireEZ appointed TRUSTe LLC, a subsidiary of TrustArc, to conduct an independent audit of our data protection practices against GDPR requirements. For more information on our TrustArc GDPR validation, please
click here.