With this global scope and focus on human resources, the company manages a great deal of personal data on a daily basis, with each local entity acting as an independent processor or controller of personal data with local data protection responsibilities.
“Privacy is critical to Randstad because, in HR services, we are working with the data of millions of people,” said Wouter-Bas van der Vegt, the Global Data Protection and Information Security Officer at Randstad. “Privacy is at the core of our business to make sure that our candidates, workers, employees and clients can trust us, while making sure that we still can do our business in an efficient and effective way.”
The Randstad privacy team approached the GDPR with a global mindset and a local approach. They understood the regulation would be a good starting point for the company to manage their data collection and processing activities, and that the GDPR efforts could be rolled out globally. The team approached the GDPR with a mindset that they would start in Europe, and later implement similar practices to other regions, adjusting to specific local legislation.
As a company that itself utilizes innovative technology to serve its clients, Randstad knew that technology could help with their GDPR and global privacy efforts. Manual work in Excel or Word didn’t provide the visibility and automation the team needed to manage efforts across a network of country-based DPOs and privacy champions. Also, with regulation at its infancy and a growing list of local and country-specific laws likely to follow, Randstad needed a solution that could adapt to the changing and evolving global privacy landscape.