Data Protection, Your Privacy, and Kira Talent

Over the past several months, our team has been actively working to ensure GDPR compliance for both client schools and applicants using the Kira platform by May 25, 2018.

What is GDPR?

The General Data Protection Regulation (GDPR) is a new legal regulation regarding data protection and privacy of users in the European Union. The regulation exists to give users more visibility into and control over how their personal data is being collected and used. It officially goes into effect on May 25, 2018.

How does GDPR affect Kira?

The General Data Protection Regulation (GDPR) is a new legal regulation regarding data protection and privacy of users in the European Union. The regulation exists to give users more visibility into and control over how their personal data is being collected and used. It officially goes into effect on May 25, 2018.

Here’s how we’ve prepared for GDPR:

Privacy by Design

We have adopted the Privacy by Design foundational principles across all of our product and organizational policies. Next: We will be adopting a regular review and certification process for our privacy policies. Privacy by Design principles will continue to be integrated into all of our new products and existing product enhancements.

GDPR-Compliant Hosting Service Provider

We recently relocated our platform to a GDPR-compliant service provider to ensure all user data is stored safely and securely.

Clearer Opt-In for Active Consent

We made a clearer opt-in process for applicants. Rather than implied consent by starting an assessment (“By registering, you agree to the Kira Talent privacy agreement and terms of service”), applicants will now need to actively give consent to begin their assessment.

Stronger Security and Access Controls

We reviewed every service Kira uses as a company to ensure the highest level of security we could configure. Next: We will regularly review and audit services for increased security.

Data Processing Addendum

We created a new Data Processing Addendum (DPA) for clients to sign. This holds us contractually obligated to you as a data processor under the GDPR. We have signed DPAs with the other organizations we work with to make sure all third-party organizations we use to process your information are also compliant under the GDPR. Next: New and existing Kira clients can sign a DPA with Kira Talent here.

We’ve also signed data processing addendums with all our subprocessors to ensure all the services we work with will treat data as securely as we will. See our list of subprocessors.

Data Protection Officer

We created the role of Data Protection Officer. As the Data Protection Officer, I am your go-to contact for questions related to GDPR, privacy, and data at Kira. You can reach me at privacy@kiratalent.com.

Privacy Policy and Terms of Service

We reviewed our privacy policy and terms of service to ensure the content was clear and easy to understand.

New Internal Policies & Procedures

We’ve reviewed all of our company policies to make sure we’re protecting user privacy in everything we do. We’ve improved our employee training, security and compliance roadmapping process, and our data breach notification policy to make sure we’re enforcing best practices at all levels.

We appreciate your patience as we have, and will continue to, roll out changes in order to better protect your data.

Thank you! 

 

If you have any questions, please reach out to privacy@kiratalent.com.

And, here’s the link for our Data Processing Addendum.


Make your admissions process more human.

More than 300 programs are using the world's only holistic admissions solution to select the best-fit students for their classes.

Learn More
Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Filter by Custom Post Type

Share This Content

Must read articles in the admissions space, delivered straight to your inbox.

Ask us anything

or jump on a call

We'll get back to you as fast as humanly possible :)