General Data Protection Regulation (GDPR) is a regulation on European Union (EU) law on data security and privacy for all individuals residing in an EU member state. The regulation primarily is in place to provide more control to an individual over the use of their personal identifiable data. GDPR will go into effect on May 25th, 2018.
In relation to GDPR Personal Identifiable Information (PII) refers to any data that can be used to identify an individual. A few obvious examples would be and individuals passport number, mailing address, email address, or phone numbers. However, with updates to technology information such as IP address, social media posts, and behavioral data can also be considered PII.
Companies based or have a large presence within the EU are most affected. However, any organization that requests or uses Personal Identifiable information from an individual within the EU should be interested in how that data is process and stored.
No, the GDPR does not require data to remain in the EU. However, it does required that an organization have valid transfer mechanism in place before it leaves the EU. One of these mechanisms is having a Privacy Shield Certification.
RIVS, Inc. and all of its subsidiary products (Thrive, Prep, and Interview Guide Builder) is taking the appropriate steps to be GDPR compliant by May 25th, 2018.
At RIVS we value the individual rights to privacy and security around personal identifiable information. Because of that we have implemented a set of Privacy Principles and Security Principles. These principles are what we use to make product and business decisions within our organization.
All requests can be submitted to email@example.com. However, the procedure is slightly different depending on if the data subject is a user (administrator, recruiter, manager, etc. with a RIVS log in) or a candidate / student (or any individual submitting their data for the benefit of the RIVS client).
If the requestor is a user of the platform we follow our internal procedures in handling the request. We will provide updates as to the erasure, access, or rectification of the data in question. All data requests can be emailed to firstname.lastname@example.org with the following information:
All requests will be responded to within a timely manner.
If the requestor is a candidate / student a RIVS support team member will reach out to the administrator of the account that is processing the data of the individual. It is up to the client to decide what steps they would like to take with the request.
As the client you are the data controller. Meaning, it is your choice how you want to honor the request. If you would like to honor the request of the candidate / student please email email@example.com with the following information:
Our data processing agreement has been put into place to ensure GDPR compliance for both RIVS and the signing parties of the agreement. However, if you have a concern with the agreement please email firstname.lastname@example.org and we will do what we can to rectify your concern.