SmartRecruiters is dedicated to maintaining the protection of its customers’ and candidates’ data. Despite the recent court decision that invalidates the Privacy Shield, SmartRecruiters, its affiliates, and customers continue to operate under compliance according to GDPR regulation. While thousands of other companies are now required to pivot their data protection strategies, SmartRecruiters remains ahead of the curve with fully compliant processes already in place.
On July 16, 2020, the Court of Justice of the European Union (CJEU) invalidated the European Union (EU) – United States (US) Privacy Shield in its decision in Facebook Ireland v. Schrems (Schrems II), specifying that the Privacy Shield data transfer mechanism does not ensure compliance with the level of data protection required by EU law.
This is a decision that affects both SmartRecruiters and its customers who interact with candidates in the EU. While the Privacy Shield is no longer valid, SmartRecruiters remains compliant due to the Standard Contractual Clauses (SCCs). SCC’s are contractual clauses recognized by The European Commission as providing adequate safeguards for the transfer of personal information. At this stage, the best protection is to sign and adhere to the SmartRecruiters Data Processing Agreement, which includes SCCs. This agreement is available here.
SmartRecruiters is also auditing its US sub processors to ensure they are fully compliant and outlining appropriate next steps. Findings will be shared and any necessary actions will take place accordingly.
For any additional questions regarding the Invalidation of the Privacy Shield, please reference the FAQ document to support your hiring compliance needs.