This document is intended for informative purposes only. It does not constitute legal advice regarding the GDPR or any other matter, and may not be used or relied on for such purposes.
This guide is part of Comeet’s GDPR compliance options. See the overview here.
The identity and contact details of the company (and contact details for the company’s data protection officer, where applicable).
The steps candidates need to take to exercise their EU rights to access, correct and erase their data, and how they should contact you to exercise those rights.
How candidates can contact you to understand the source from which their data was obtained and then uploaded to Comeet.
The existence of automated decision making regarding the candidate, and meaningful information about the logic used and consequences for the candidate.
How you treat information about candidates who are minors.
Publish your company’s privacy online, at a publicly available URL.
In Comeet go to Company Settings > GDPR (requires an Admin or Owner role).
How candidates are notified
First email message
Candidates who are defined as data subjects protected by the GDPR are notified in the first email message sent to them:
Note: When reaching out to passive candidates who are subject to GDPR, the first message sent to each candidate will automatically include the links to the privacy policies.