Monjin Logo
Background

Monjin's commitment to GDPR Compliance

We're committed to helping Monjin's customers and users understand, and where applicable, comply with the General Data Protection Regulation (GDPR). The GDPR is the most comprehensive EU data privacy law in decades and went into effect on May 25, 2018. Besides strengthening and standardising user data privacy across the EU nations, it introduces new or additional obligations on all organisations that handle EU citizens' personal data, regardless of where the organisations are located. Monjin, as a Data Processor, collects and stores relevant Personal Data for the purposes of delivering the Monjin services.

The data we collect and store on behalf of our customers

  • Name, phone number, demographics, gender, email and location;
  • Depending on client configuration – skills, employment history
  • Video profile and video interview, which may include your bodily image and voice, as well as your surroundings
  • Internet Protocol (IP) address, cookies, location, browser type, access time, error log

How we comply with GDPR

The GDPR's updated requirements are significant and our global team has adapted Monjin's product offerings, operations and contractual commitments to help customers comply with the regulation. Measures we have implemented include: The GDPR's updated requirements are significant and our global team has adapted Monjin's product offerings, operations and contractual commitments to help customers comply with the regulation. Measures we have implemented include:

  • Notice – We display adequate notices to users while accessing the Monjin website and platform making them aware of what data is captured and where it is processed, how it is processed and what are the user's rights.
  • Choice and consent – Monjin obtains explicit consent of users before capturing and processing their personal information. The user always has a choice to opt out of Monjin services.
  • Collection, use, retention and disposal – Monjin has adequate processes to ensure we only collect information relevant to our and our client's business and use it only for that purpose. We have an appropriate data retention and disposal program in place.
  • Access – The access to the user's personal information is restricted by role based access control on a need to know basis. User has a portal access to modify, confirm and delete his profile information.
  • Disclosure to third parties – User's personal information is disclosed only to those third parties that we use for processing of personal information, and the user is made aware of these third parties during the notice display.
  • Security for privacy – Monjin is an ISO27001 certified organisation and has adequate measures to prevent or detect data breaches or misuse.
  • Quality – Monjin always maintains current and accurate information about the users, and every single user has the ability to access and modify his data as per his need.
  • Monitoring and enforcement – Monjin's data privacy officer continuously assesses the program effectiveness and on a periodic basis uses professional services organisations to assess compliance levels and takes corrective actions.

How do we protect your personal information?

  • Monjin uses a secure cloud infrastructure platform of Microsoft Azure. Monjin itself is an ISO 27001: 2013 – information security certified company, and we only use security-certified companies to support in delivering services to our clients. A few specific controls that we have implemented to protect your Personal Information are:
  • Encryption for data at rest and during transit
  • Masking of Personal Information at rest and during transit
  • Access to videos and documents using shared access signature
  • Row-level security within the database
  • Role-based access control
  • Continuous control monitoring (vulnerability assessment and penetration testing at each stage of SDLC)
  • Monitoring and enforcement – Monjin data privacy officer continuously assessesthe program effectiveness and on a periodic basis uses professional servicesorganisations to assess compliance levels and takes corrective actions.

Should you have any questions, please reach out to our CISO at privacy@monjin.com. Looking for more information? Here are some reference Terms of Service and Privacy Policy