Ask HN: EU GDPR job vs. USA client passport photo
Hi everyone, I have a "I'm not a lawyer" question and I believe a lot of people with different baseline point of views can shed some light.
I have a conflict with one kind of situation. I would like to understand more and possibly counter my view, maybe some managers or directors will share some of their knowledge about the case. I think the problem is universal to EU in some way, but local laws of different countries definitely apply here. I'm working in Poland on job contract (FTE), I don't have a company. I work for software houses but I know similar situation happens in some IT companies with own brand hiring for themselves locally.
On the ground of polish law, the set of personal information an employer can request and cases in which the request may happen is limited. I know some US (and UK also) companies require background check, which is a failure on the ground of polish law and cultural differences. This background check is usually done by some external company (there is one I know, but I guess there are more of them) and during that check they require hire history and ID/passport scan.
When they receive passport which shows face, name and birthday but with hidden serial number they fail the check. But even without that passport requirement, such background check is not normal thing to do. Normal thing to do is to conduct interview to assess skills, check from both sides for clear vision if the role is what both sides expect and then if offer arrives to pass personal info like identification details, address, in some cases family details (social insurance), tax info and previous employer job confirmation - not personal references - and HR document which is required by law and has a set of data required to confirm dates and positions of employee which has consequences for holidays or tax. Background check mentioned is being conducted also after employee is hired but changes client of the company which is not a valid cause to request additional personal data from employee.
From what I know somehow companies try their best to don't care about what can be required and follow client requirements to do background checks and, I'm just guessing, they would direct their actions to fire or 'encourage' employee to resign if someone does not comply.
What are your experiences? What is perspective in EU country for which you know some work regulations?