Data protection and privacy are top priorities here at Kira Talent. That’s why we’ve ensured that all of our processes meet the standards set by the General Data Protection Regulation (GDPR) regulations that went into effect on May 25, 2018.
How does GDPR affect Kira?
The General Data Protection Regulation (GDPR) is a legal regulation regarding data protection and privacy of users in the European Union. The regulation exists to give users more visibility into and control over how their personal data is being collected and used. It officially went into effect on May 25, 2018.
How is Kira supporting a GDPR compliant process?
Privacy by Design
We have adopted the Privacy by Design foundational principles across all of our product and organizational policies. We conduct a regular review and certification process for our privacy policies. Privacy by Design principles will continue to be integrated into all of our new products and existing product enhancements.
GDPR-Compliant Hosting Service Provider
Our platform is hosted with a GDPR-compliant service provider to ensure all user data is stored safely and securely.
Clearer Opt-In for Active Consent
We offer applicants an explicit opt-in when registering for their assessment. Rather than obtaining implied consent by starting an assessment (“By registering, you agree to the Kira Talent privacy agreement and terms of service”), applicants will now need to actively give consent to begin their assessment.
Stronger Security and Access Controls
By regularly reviewing and auditing every service used by Kira Talent, we ensure the highest level of security.
Data Processing Addendum
A Data Processing Addendum (DPA) holds us contractually obligated to you as a data processor under the GDPR. Kira has signed DPAs with the other organizations we work with to make sure all third-party organizations we use to process your information are also compliant under the GDPR.
We’ve also signed DPAs with all our subprocessors to ensure all the services we work with will treat data as securely as we will. See our list of subprocessors
Data Protection Officer
We maintain the role of a Data Protection Officer. The Data Protection Officer is your go-to contact for questions related to GDPR, privacy, and data at Kira. You can reach them at email@example.com.
Internal Policies & Procedures
All of Kira’s company policies are routinely updated to ensure the highest level of data protection and user privacy. From employee training to security and compliance roadmapping and data breach notification policy, we review our systems and processes regularly to make sure we’re enforcing best practices at all levels.
This post was updated on February 4th, 2022