Skip to main content
All CollectionsCompliance
What is a Privacy Impact Assessment?
What is a Privacy Impact Assessment?

Our privacy impact assessment at HrFlow.ai .

Benqa avatar
Written by Benqa
Updated over 3 years ago

At HrFlow.ai, we have always placed a strong emphasis on the privacy and security of its clients data. To demonstrate our commitment toward the regulation, our clients and their candidates, HrFlow.ai carries out Privacy Impact Assessments (PIA) to explain how secure our technology is and to continuously implement new protections. HrFlow.ai has the willing to perform this assessment several times a year to be at the forefront in terms of privacy and security.

What is the PIA ?

The PIA is a methodology, which guarantee a reasoned and reliable use of personal data during processing according to the GDPR. A PIA should be performed in particular when a processing is systematic and treats a consequent volume of data. Performed in principle by a data controller or by it subcontractors within its scope, the purpose of a PIA is to build and demonstrate the implementation of privacy protection principles so that data subjects retain control over their personal data.

How the PIA is carried out ?

The PIA follows an iterative process recommended by the CNIL, the independent French administrative regulatory body whose mission is to ensure that data privacy. The methodology is based on 4 steps :

  1. Study of the context :
    ​
    Define and describe the context of the processing of personal data under consideration

  2. Study of the fundamental principles :
    ​
    Analyse the controls guaranteeing compliance with the fundamental principles: the proportionality and necessity of processing, and the protection of data subjects' rights

  3. Study of the risks related to the security of data :
    ​
    Assess privacy risks associated with data security and ensure they are properly treated

  4. Validation of the PIA :
    ​
    Formally document the validation of the PIA in view of the previous facts to hand or decide to revise the previous steps

What are the results?

The PIA main result is a mapping of the different risks that could occur. The risks are classified by their impacts on the data subjects and their occurring probability considering the existing protection measures. The implementation of new protection measures imply the reduction of the risks : the remaining risk is the residual risk.

The analysis of the current PIA's results show that HrFlow.ai technology is very safe regarding the privacy and the security : the risk are negligible.

For more details, contact us at : privacy@riminder.net

For more information about the PIA : https://www.cnil.fr/en/PIA-privacy-impact-assessment-en

Did this answer your question?