GDPR and ISO 27001

It is very important to know who you are hiring, but not at any cost. The privacy of the candidates and employees who are being screened is very important. Also, the process and all personal data should be well secured. In short, being GDPR compliant and ISO 27001 certified plays a big role in the screening process.

On this page we will tell you more about how Validata complies with the GDPR legislation and how we are ISO 27001 certified.

Our screening software is GDPR proof and ISO 27001 certified

Privacy and security are very important to Validata. During the construction and further development of our software, Valluga, we always apply both privacy by design and security by design. As a result, all requirements of the GDPR have been taken into account in Valluga. Furthermore, Validata strictly follows its Information Security Management System (ISMS), which is ISO 27001 certified.

What does GDPR proof mean?

GDPR proof refers to compliance with the General Data Protection Regulation (GDPR). This means that Valluga complies with the requirements of the GDPR. Validata processes certain personal data based on the instructions of the client, who is the data controller.

Nevertheless, as a data processor, Validata also has obligations under the GDPR. For example:

  • Data processing agreements (DPA): these must be signed with each client. These include the basis of the data controller.
  • Transparency: A company must clearly disclose what personal data is collected, why it collects it and how it handles it.
  • Data minimisation: Only the data necessary to achieve a certain purpose should be collected.
  • Data breaches: Data breaches should be reported to the data controller as soon as possible.

Validata has its own Privacy Counsel, a separate Data Protection Officer (DPO) and also a processing register.

What is the ISO 27001?

Developed by the International Organisation for Standardisation (ISO), ISO 27001 defines the requirements for establishing, implementing, maintaining and continuously improving an Information Security Management System (ISMS) within a company. Its purpose is to help organisations adopt a systematic and proactive approach to information security.

Because we meet the high requirements of our ISMS, which is ISO 27001 certified, information security risks are better understood and identified.

How does a company meet the requirements of ISO 27001?

Risk assessment

Information security risks are identified and these determine what measures are needed to control them.

Policy creation

Policies should be set up so that the organisation’s information security objectives can be achieved in a proper and secure way.

Implementation of security measures

By implementing the established measures, all information is protected against identified risks.

Awareness and training

Creating awareness and training staff on information security is important to reduce risks.

Internal audits

By having systematic and independent audits assess your organisation, it becomes immediately clear where there is room for improvement and what is already going well within the ISMS.

Continuous improvement

The ISMS must be monitored and evaluated to constantly improve information security and security risk management.

How does Validata comply with GDPR legislation?

Privacy by design

We ensure that the requirements of the GDPR are already accounted for in the development of new processes and systems. By using privacy by design at an early stage, optimal security of personal data can be guaranteed from the start and organisations can be sure that they rely on an organisation that complies with the GDPR.

Security by design

To guarantee our screening software’s security, Validata uses secure frameworks and monitors and scans the application daily for vulnerabilities. As a result, our in-house development team, which works safely and precisely, delivers a secure screening application hosted within the EU at a top-tier data centre. Additionally, it is periodically tested by independent parties through penetration tests and ethical hackers.

ISO certified

Validata is also ISO certified (27001 & 9001). This guarantees high quality management and information security.

Why is secure screening software so important?

It is very important because screening software is used to process and verify sensitive information, mainly personal data. Security and privacy are very important to Validata, which is why our software, Valluga, complies with all regulations regarding privacy and data protection.

Failure to comply with these can have unpleasant consequences:

  • Deterring candidates from being screened: If an organisation is unable to ensure a secure and transparent screening process, this may lead to loss of personal data of the candidates, who in turn may lose their trust in that organisation.
  • Large fines: If an organisation fails to comply with the GDPR, in the worst case this could lead to fines imposed by the Dutch Privacy Authority.
  • Reputational damage: Failure to comply with the GDPR can lead to major reputational damage. Companies are less willing to engage with you because your organisation has shown that it is not careful with personal data.
Download
Whitepaper: Tips for GDPR-compliant screening

Screening and privacy

Valluga, the screening software of Validata

We believe that processes should be made as efficient and easy as possible. From this vision, our software, Valluga, was born. Valluga is the software that ensures that your employment screening process is handled professionally, securely and digitally.

Learn more about our screening software

Challenges in employment screening

  • Time-consuming task to gather correct information
  • Complicated to actually check documents and information
  • Increasing laws and regulations around employment screening
  • Higher risk of human errors
  • Process often unclear and not secure enough
  • Poor candidate experience

Benefits of the screening platform Valluga

  • Validata takes all the work off your hands
  • Different screening profiles possible
  • Process is digitised and automated
  • Transparent process for client and candidate
  • Both local and international checks via data partners
  • Sub-reports and a completed screening report
  • Valluga complies with all laws and regulations