HackerEarth is committed to honoring its users’ rights to data privacy and protection. We have a privacy-conscious culture, and GDPR is an opportunity for us to strengthen this further. Being GDPR-ready has been of the highest priority this past year, and our product and legal teams have devoted a lot of extra hours to adhere to its requirements, give users more control over their data, and explain what we do with the data. (PS: To further our crusade toward data protection, we are also in the process of the getting the ISO 27001 certification.)
General Data Protection Regulation (GDPR), which will go into effect on May 25, 2018, replaces the 1995 Data Protection Directive. Designed to give EU citizens more control over their data, it aims to use one all-encompassing privacy and security law to safeguard personal data. Regardless of their location, relevant controllers or processors dealing with EU residents’ personal data are required to update or craft new policies ahead of the date or be prepared for penalties.
Article 4 in GDPR definition states that ‘Personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Both personally identifiable information (PII) and information which can be cross-referenced with other information to identify a person is included in the definition. Examples of sensitive PII include medical information, biometric information, social security ID, license number, birth date, etc. The personal data collected should be pseudonymized and/or encrypted.
In our efforts to get the organization ready for sustainable compliance, HackerEarth has taken several steps—from raising awareness in the organization about the principles of GDPR and our data protection policy to training employees to responsibly handle user data and auditing.
Also, to make sure our sub-processors do no breach the regulation, we are assessing our third-party service providers and partners and fine-tuning the contracts.
We have assessed HackerEarth Sprint, our innovation management software, and HackerEarth Recruit, our Technical Recruitment software, against the requirements of the GDPR and have implemented features that will help users achieve compliance.
Our application teams strongly believe in letting the end users exercise their rights with respect to privacy. We are working to give you more control over the data you store in our systems. These provisions may vary based on your requirement, product characteristics, and mutually agreed upon statement of work. Our teams are working on these features and enhancements, which will be rolled out in phases.
How HackerEarth enables customers to be GDPR compliant:
HackerEarth is also taking care of many more such features to ensure the customers are compliant and users have complete control over their data.
Based on our data flows and data handling practices, we have revised our privacy policy and added further information on the personal information we collect, why we collect it, how we will use it, how long we will store it, and so on. Moreover, we are reviewing our databases to make sure we have only the latest and most accurate information.
We have put together a glossary of the terms and information on when HackerEarth acts as a data processor or a data controller. Additionally, we have appointed internal privacy champions for all our teams.
In case a personal data breach occurs, we will send breach notifications in accordance with our internal incident response policy.
We will notify our customers within 72 hours of us discovering the breach.
We will notify users through our blogs and social media for general incidents.
We will notify the concerned party through email (using the primary email address) for incidents specific to an individual user or an organization.
We have a whole series of blogs planned, with more updates and information to come. Please feel free to ask questions and share your concerns with us at vr-gdpr@hackerearth.com.
***For more information, see our Privacy Policy here.
In today's competitive talent landscape, attracting top candidates requires going beyond traditional job board postings.…
With growth, recruiting the best technical talents becomes one of the most important, but also…
In recent years, recruitment practices have changed tremendously. As the times advanced, organisations took numerous…
Today’s job market is very competitive. Organizations must adopt data-driven approaches to amplify their recruitment…
Organizations of all industries struggle with employee turnover. The high turnover rates cause increased hiring…
Candidate assessment is a major part of the hiring process. The talent acquisition system emphasizes…