Skip to main content

How does RChilli comply with GDPR and AI NYC regulations?

Hardik
  • Updated

RChilli demonstrates a strong commitment to both GDPR (General Data Protection Regulation) and AI NYC (New York City’s Automated Employment Decision Tools law) compliance. Here's how these standards are upheld within RChilli’s solutions and practices:

1. GDPR Compliance

RChilli ensures GDPR compliance through robust data privacy and protection mechanisms embedded in its platform and services:

Data Security and Privacy

  • All REST APIs developed by RChilli follow industry best practices for security.

  • Certified under ISO/IEC 27001:2022 and SOC 2 Type 2, RChilli ensures that personal data is handled with high-level safeguards, reducing the risk of data breaches and unauthorized access.

Data Control and Access

  • Customers have full control over their data. RChilli does not store parsed resume data unless specifically indexed for Search and Match functionality. Even then, the data is stored temporarily and can be deleted via API calls like DeleteAllDocuments.

Right to Be Forgotten

  • RChilli allows customers to delete all indexed documents and resume data, supporting GDPR’s “Right to Erasure” provisions.

Regional Server Choice

  • Users can choose server locations in US, EU, or SG, aligning data residency with GDPR requirements. The EU option specifically ensures that European data stays within compliant jurisdictions.

2. AI NYC (AEDT) Compliance

The AI NYC regulation mandates that automated tools used in employment decisions be audited for bias, and results must be made transparent to users.

Bias-Free Recruitment Features

  • RChilli enables resume redaction via its Resume Templater API, helping organizations anonymize personal data such as gender, race, or religion before making employment decisions. This reduces unconscious bias during the hiring process.

Configurable Data Fields

  • Users can switch off fields such as name, gender, or photos in API settings to comply with non-discriminatory practices.

Audit-Ready Matching

  • The Enhanced Search & Match API allows custom scoring configurations (e.g., adjusting weightage for skills, education, location) while maintaining a default scoring baseline, which supports transparency and auditability required by AI NYC.

Transparency & Reporting

  • The Search & Match Engine 3.0 includes faceting and experience range deviation filters, which can be leveraged to generate audit-ready reports and validate fairness in resume-job matches.

Conclusion

RChilli's infrastructure and functionality are aligned with global data protection laws (like GDPR) and emerging AI governance regulations (like AI NYC). Through secure APIs, configurable redaction and scoring logic, and certified data handling processes, RChilli enables clients to deploy AI in recruitment responsibly and legally.

If you need more details or assistance implementing these features, feel free to contact: support@rchilli.com

Related articles

Comments

0 comments

Please sign in to leave a comment.