With the GDPR in full effect, businesses around the world working with the personal data of EU residents will have to make some major changes.
Recruitee is committed to providing flexible tools to allow our customers to configure our GDPR features to best meet their compliance needs. Ultimate responsibility for compliance rests with you. But these features help you meet that responsibility with minimal fuss.
We support your GDPR (AVG, DSGVO, RGPD) compliance by helping you:
- Set how long you want to keep candidate data and easily see when the data expires;
- Share GDPR reports with your team members;
- Include GDPR compliance in all of your email communication with candidates;
- Display a data retention period on each candidate profile so you know when their consent is about to expire;
- Add a cookie consent box to your Careers Site;
- Allow a candidate to request the deletion of their information;
- Allow a candidate to request an update of their information.
Settings - Enabling GDPR features
To enable the GDPR compliance features, start by navigating to your settings.
1. Go to Settings > Company Settings > GDPR.
2. Select Enable GDPR Features.
3. Set how long you want to keep candidate data (retention period)
You can no longer store candidate data indefinitely due to GDPR. This setting determines how long the data retention period is for your stored candidate data. This time period starts the moment the candidate applies, and ends when your set timeframe expires. After a candidate profile expires, you will be notified and be given the option to delete them in bulk.
5. Enable auto-confirmation emails
In case you do not automatically have auto-confirmation emails activated for all your jobs, you can fix it by clicking "Fix it now", to make sure any automated email that gets sent will have GDPR compliance links in the footer.
This means that everybody who applies to one of your open jobs will get an email with links through which they can either request their personal data to be removed or a correction to their data to be made.
6. Adjust your GDPR email footer
When you enable the GDPR features, an template email footer will automatically be added to your auto-confirmation emails, containing links through which candidates can request deletion or correction of their data.
Click "Edit" to customize the footer to match your company details. Make sure you always give candidates the option to request a deletion of their personal data or a correction to their personal data.
Can I translate my GDPR email footer?
You can translate your email footer. You can also translate your auto-confirmation email. For more information, checkout Translate Confirmation Email.
Reports - Share GDPR reports with your team members
As an admin, you will have direct access to GDPR reports that you can share with your team members.
They will be sent daily if there was at least one GDPR change since the last report.
Go to Settings > Company Settings > GDPR to add any team member that should have access to GDPR reports.
These reports will always tell you what has changed since the last report and which insights you need to act upon. You will be able to quickly access any candidate data that has expired and can share the reports with any of your team mates.
Search - Finding the right candidates quickly
Use search to quickly find qualified candidates that have applied to one of your open positions or any other combination of filters.
Combine different Boolean operators to refine your search by combining or limiting terms.
Save your search combinations so you always have a quick way to find the candidates you need at any given time.
Candidates - Managing candidates
Go to the Candidates section on the left and click GDPR Compliance to see all:
- Candidates whose data retention period is drawing near;
- Candidates that have requested their data to be removed;
- Candidates that requested a correction of their personal data.
Combine filters such as profile expires in and candidate status to filter out the candidates in your database whose data retention period is drawing near and tie those candidates to your current job pipeline.
Use bulk actions to extend the data retention period of multiple candidates at once or to inform them about any corrections when it comes to their personal data.
Use search to quickly find candidates that requested deletion of their personal data so you always know which actions to take.
Once candidates click the removal request link in one of your emails, they can write out their request which will be shown on their candidate profile and in removal requests.
After submitting such a request, they will always get an email confirmation once you have taken action.
Once candidates click the correction request link in one of your emails, they can write out their request which will be shown on their candidate profile and in correction requests.
Our goal is to ensure that GDPR information is visible to team members when they’re interacting with candidates. To make this easy, we’re showing the expiration date information directly on the candidate profile next to the job they applied for:
Depending on whether the GDPR allows it, you may choose to extend the retention period of a candidate profile.
Otherwise, delete the candidate's data from Recruitee.
Under More in each candidate profile, simply click Extend expiry date and select the desired period. At the end of this timeframe, the candidates will be displayed to you so that you can take action.
If a candidate has requested correction or removal of their data, a banner will appear near the top of their profile, letting you know which action you need to take.
A request for removal
A request for correction
Mailbox - Including GDPR compliance in your automated emails
If you have enabled auto-confirmation emails in Settings > Company Settings > GDPR, every candidate that applies will receive an automated confirmation email with the GDPR links in the footer.
When emailing candidates, you can also directly insert the GDPR removal and correction request links into your email communication.
Click Insert and select GDPR Links to insert any of the two GDPR links.
You can make email templates that include any of the two links in your footer, and insert them straight into any email you draft towards a candidate.
When a candidate clicks the removal request link in an email, they will be taken to a separate page where they can add their personal message.
After a candidate clicks Request removal they will be notified that their request has been sent.
Depending on how you have set up your GDPR settings, you can create email templates that have the GDPR links included.
Edit your email templates under Settings > Workflow > Email templates.
Click Careers Site in the top-right, open up the Careers site editor and scroll down to Terms & Privacy.