FastTrack360 Version 12 Online Help

Privacy By Design

Owned by Jason Quirk
02 March 2023
2 min read

FastTrack has implemented a Privacy by Design policy for the FastTrack360 service which will impact your interactions with clients and candidates. The following sections cover this implementation;

Definition of privacy by design

There are seven principles in the concept of Privacy by Design that FastTrack has factored into its business practices, policies, and service design/delivery. These [1]principles are:

  1. Proactive not reactive/preventative not remedial - The first principle states that data privacy needs commence at the beginning of the planning process.

  2. Privacy as the default - Privacy needs to be at the forefront of what any business does. That means restricting your sharing, using data minimization, deleting data you no longer use, and always operating on a legal basis. It also means using opt-in and opt-out functions and safeguards for consumer data.

  3. Privacy embedded into design - Privacy needs to be core to both your architecture and business. Privacy is a core functionality of the product. You should be using encryption, authentication, and testing vulnerabilities on a regular basis.

  4. Full functionality - If you are sacrificing functionality for privacy, then you are doing it wrong. It is more of a culture shift that requires a balance between growth and security.

  5. End-to-end security - Privacy protection follows data through the lifecycle from collection to deletion/archival. Encryption and authentication are the standard at every stage, but you need to only collect data you need and have a legal basis for. And when you finish with the data, you should use GDPR-compliant deletion/destruction methods for end-to-end protection.

  6. Visibility and transparency - Visibility and Transparency, data subjects should know about your privacy (and processing) practices and you should openly share them. The principle argues a case for a well-written Privacy Policy, which is essential if you fall under the jurisdiction of the GDPR or another law like CalOPPA, anyway. It also argues that there needs to be a mechanism for data subjects to air their grievances, ask questions, and ask for changes.

  7. Respect for user privacy - Privacy needs to remain user-centric. It means acknowledging that even if you have the data, it belongs to the consumer you collected it from. Your data subject can grant and withdraw their consent for your use of their data.

 

 

 

[1] Implementing Privacy By Design, https://www.privacypolicies.com/blog/privacy-by-design/ , Nicole.0, 23 April 2020

 

Related pages

Service Security
Service Security
FastTrack360 Online Help
Read with this
Disaster Recovery
Disaster Recovery
FastTrack360 Online Help
Read with this
ISO27001- ISMS Controls
ISO27001- ISMS Controls
FastTrack360 Online Help
Read with this
How does FastTrack360 deal with individuals rights?
How does FastTrack360 deal with individuals rights?
FastTrack360 Online Help
Read with this
FastTrack360 Service Outline
FastTrack360 Service Outline
FastTrack360 Online Help
Read with this
What role does the FastTrack360 service play in the EU
What role does the FastTrack360 service play in the EU
FastTrack360 Online Help
Read with this

Classification-Public