The European Union’s (EU) General Data Protection Regulation (GDPR) went into effect on May 25th, 2018. The GDPR is a significant change for global data privacy law and contains complex rules for organizations dealing with personal data from EU residents.
Korn Ferry respects your privacy and we value the trust that you place in us. We have put together this guide to help you understand the basics of the GDPR and, together with Korn Ferry’s GDPR and Data Protection Measures statement, to provide you with a transparent view of what Korn Ferry is doing to protect your data.
● What is the GDPR?
The GDPR is a comprehensive data protection regulation in the EU. It updates, strengthens, unifies, and clarifies the prior EU data protection law. It gives EU residents greater rights with regard to their personal data and requires the implementation of enhanced policies and procedures by organizations that process personal data.
● To whom does the GDPR apply?
The GDPR applies to any organization that “processes” personal data about an EU resident. Any operation performed on personal data, such as collection, use, storage, disclosure, or disposal, is considered “processing” under the GDPR. The definition of “personal data” under the GDPR is very broad, covering any information relating to an identified or identifiable person (referred to as a “data subject”) residing in the EU.
● What does the GDPR require?
The GDPR establishes a variety of new requirements for the processing of data subjects’ personal data. These responsibilities vary depending on whether an organization is operating as a “controller” or “processor.” Under the GDPR, a “controller” determines how and why personal data will be processed. A “processor” carries out processing activities on behalf of the controller. Depending upon the engagement at hand, Korn Ferry may act as either a processor or a controller. For example, we act as a controller when individuals engage Korn Ferry directly and provide us with their personal data. We may act as a processor where organizations engage Korn Ferry to provide services to their employees or otherwise on their behalf. Below are some of the most important ways that the GDPR updated EU data privacy law:
● What rights do data subjects have under the GDPR?
Under the GDPR, data subjects, with some exceptions, have the right to:
Controllers must have procedures in place to deal with data subject requests and respond to such requests within one month of receipt, subject to applicable extensions.
Note: This overview is provided “as-is” and may change without notice. It is intended for informational purposes only and should not be relied upon as legal advice.
Questions? Call 800-633-4410 to speak to a Korn Ferry representative or complete the form below.
Speak to Rep
Call 800-633-4410 to speak with a Korn Ferry Representative