Using the Altamira HRM platform greatly simplifies the processes of ensuring compliance with current privacy regulations, compared with traditional systems such as Excel spreadsheets and e-mails.
Our platform supports you in implementing your own data retention policies for both employees and job candidates. It has the capability of tracking consents given to the processing of personal data, and allows the enforcement of rights such as the right to erasure and the right to the limitation of data processing.
Choosing a cloud-based solution such as Altamira HRM will protect you against the risks arising from managing personal data “by hand” using e-mail and corporate servers. Such tools do not offer secure methods to manage the deletion of data in compliance with your data retention policy.
To adapt to the new regulations on the processing of personal data, and to the GDPR in particular, Altamira has employed the assistance of a law firm to carry out a deep analysis and update on all fronts, starting with an assessment of the situation and proceeding to the work of remedying deficiencies.
As a result, both our contracts and the procedures and technologies we have adopted are in compliance with the regulations, and have as their aim the correct and secure processing of the personal data of employees and job candidates that is entrusted to us by our clients.
Altamira offers its customers a dedicated, continuously evolving GDPR console for setting their data processing policies.
Through it, you can manage consent forms for both employees and job candidates, whether you choose to employ the model consent forms we have created together with our privacy lawyers or to use your own personalized consent forms. The platform also tracks the history of all the consent forms used, so you can always know, for example, which document a job candidate has viewed and what consents they gave.
The console also helps you set the rules for data retention and set up the automatic deletion or anonymization of any data that does not conform with the rules set out by your company’s policy.
We have refined all our company’s procedures to ensure that Altamira complies with the GDPR from an organizational point of view.
First of all, we have proceeded to implement all the main policies required by the regulations, from those concerning data breaches to privacy by design. Furthermore, we are providing training and regular refresher courses on the subject of personal data processing to our personnel, particularly to our development team and customer service team. Finally, in order to guarantee maximum transparency, we have appointed an external Data Protection Officer, independent from us as well as from our privacy advisors.
To ensure the highest level of security and data protection from a technical point of view, we are employing the latest technologies and best practices in the field. We encrypt all our outside communications, using HTTPS for all our pages, both those for job candidates and those for employees. We also encrypt data that is “at rest” on mass storage devices, and we have adopted automated threat detection tools using the latest-generation log analytics combined with artificial intelligence for the analysis of any suspicious behavior.