The data delivered by job applicants are already collected during the recruitment process. When some of them become employees, their data will go into the internal records of the employer, public institutions, clients or service providers. After the end of the cooperation, the employees become the company's alumni, and their data are stored according to the statutory retention periods.
During the recruitment process, the most important thing from the auditor's point of view is the compliance of personal data acquisition with the GDPR. During the audit, the following documents are checked:
Human resources and payroll administration are the most extensive part of the audit, both from the point of view of duration and regularity of personal data processing. The number of activities and documents depends on the size of a company and the benefits to which employees are entitled. To verify the compliance of data processing with the GDPR, the following documents are required:
Over the last two years, we have observed a significant number of changes implemented in companies in connection with the entry into force of the GDPR. Nevertheless, there are still many areas that have not been adapted to current legal requirements. This is why an audit is recommended to be conducted at least once a year. The most effective way of verifying the compliance of procedures with the relevant regulations is to have an audit conducted by an independent company. The company will then gain a guarantee that all issues have been checked thoroughly.
Contact our expert
Personal data protection