Last Revised: February 10, 2022
Find out how GPDR affects Textkernel LLC US, doing business as Sovren, and its customers, and what we do to ensure compliance.
What is GDPR?
The European Union (EU) General Data Protection Regulation (GDPR) is a set of regulations that came into effect on May 25, 2018 that enhance the data privacy rights of EU individuals and unify data privacy protections within the EU. The scope of the GDPR covers companies operating in the EU, as well as companies operating outside the EU who offer services to, or monitor the behaviour of, EU residents.
How does GDPR apply to Sovren?
The GDPR sets out obligations on 1) Data Controllers, or those that determine the purpose and means of the processing of personal data of EU residents, and 2) Data Processors, or those that process personal data of EU residents on behalf of Data Controllers.
Sovren is a Data Processor with respect to the personal data processed and/or collected in Sovren's Resume Parser. Sovren processes the personal data collected in these products on behalf of its customers, and those customers are either Data Processors as well or the Data Controllers of said data. As a Data Processor, Sovren processes said data only on the instructions from its customers.
What is Sovren doing to foster compliance with GDPR?
Sovren is committed to GDPR compliance across our products to ensure our compliance. We have reviewed our systems, processes, policies and documentation and updated them where necessary.
What should customers of Sovren do?
When Sovren acts as a Data Processor on a customer’s behalf, our customers as Data Controllers are responsible for ensuring that their use of our services is in compliance with the GDPR. Please consider the following:
- The GDPR requires Data Controllers to have a contract with their Data Processors. The GDPR sets out what needs to be included in the contract (in general called a Data Processing Agreement);
- The GDPR requires Data Controllers to have a legal basis for processing personal data and requires them to provide information to people about how their personal data is processed;
- The GDPR requires Data Controllers to retain personal data no longer than necessary for the purpose it was obtained for. Depending on the usage of Sovren's services, customers may need to conduct data maintenance to be compliant with the GDPR.
Can we be of service?
Please don't hesitate to contact us if you have any questions or comments. Our team is happy to help! email@example.com