Thalento® has always been involved in providing a safe and secure data environment. That's why it was only a logical and minor step to become GDPR compliant.
Today Thalento® is committed to assist all partners, customers & users in making their Thalento® data compliant with the upcoming European GDPR legislation from May 25th.
The main objective of GDPR (General Data Protection Regulation) is the compliant treatment for personal data and the safe and secure management and processing of all data as it is entered and stored on Thalento® Cloud.
We will take you through our already existing protection efforts, introduce to our current GDPR implementation and offer you a preview of the future upgrades.
Right away from the beginning in 2011 Thalento® took privacy very seriously with several protection measures. We assure you that Thalento® highly values the protection of your data and that merely complying to the upcoming European legislation is not enough for us.
We are committed to implement a series of additional security measures over the following months.
Thalento® has always taken a variety of technical and security measures that guarantees the protection of your personal data, including:
The standard use of HTTPS has always been set up for a secured connection between your device(s) and Thalento® Cloud. Any and all connections and interactions with the Thalento® Cloud have always been globally secured.
We have installed several types of users to safeguard the authorised use of personal data, thus eliminating the risk that somebody within a company without the appropriate rights has access to all or specific personal data.
On data security we installed a series of additional security layers :
All partners, co-workers, contractors and advisors are required to subscribe to Non-Disclosure Agreements prohibiting them from disclosing or leaking any data or confidential information that was made available to them.
We have procedures in place for all employees that handle any potential personal data, on how to deal with and process personal data.
We only request data which are strictly necessary for the correct and validated execution of core business (personality & motivation assessments).
To be GDPR compliant we needed to develop and install a number of additional tools, technologies and features, such as :
We needed to review and revise ALL existing privacy policies in ALL languages in order to make them fully compliant with GDPR. We have integrated a dynamic feature. This allows us to align our GDPR compliant privacy policies with any and all company or country specific additional requirements.
We have implemented the features to register and store these company or country specific privacy policies.
This was implemented for:
We have integrated detailed agreements with everybody that has access to data and uses data with detailed procedures on how to process and handle personal data.
A series of additional data security measures have been implemented:
Thalento® Cloud users and participants (candidates & employees) will have the possibility to completely delete their data from our underlying dataset. They will also have the opportunity/ability to attach a specific period (time) on keeping their personal data inhouse.
In order to process certain data (f.e. health data or photo material for marketing purposes) explicit permissions of the data owners is required. The data owners will also have the possibility to withdraw their permission at any time.
We have documented the process on how to handle and process personal data. Thalento® already used a strict policy for anybody involved with data but this implicit procedure has now been formalised in a written procedure.
We have appointed a DPO who is of service to all our stakeholders and will gladly help you out with all your privacy (GDPR) questions or specific requests. Please contact our DPO on email@example.com.
Being GDPR Compliant is not enough for us! We are committed to integrate additional steps in order to make our Thalento® Cloud as secure as possible over the upcoming months. Here’s what we have lined up for you in the future.
We are in the process of creating a dedicated Participant (Applicant/Employee) zone in Thalento® Cloud. This will enable all participants to access and verify their personal data at any time.
Fulfilling our Commitments to Protect your Data is important to us and we are glad to assist you to align and optimise all needed changes required to bring your Thalento® Cloud towards GDPR Compliance.
If you have any additional questions about how we collect, manage and store your company specific personal data within the Thalento® Cloud, do not hesitate to contact us. We are at your service to assist you.
The Thalento® Team