With the GDPR in full effect, businesses around the world working with the personal data of EU residents will have to make some major changes.

Recruitee is committed to providing flexible tools to allow our customers to configure our GDPR features to best meet their compliance needs. Ultimate responsibility for compliance rests with you. But these features help you meet that responsibility with minimal fuss.

We support your GDPR (AVG, DSGVO, RGPD) compliance by helping you: 

  • Set how long you want to keep candidate data and easily see when the data expires;
  • Share GDPR reports with your team members;
  • Include GDPR compliance in all of your email communication with candidates;
  • Display a data retention period on each candidate profile so you know when their consent is about to expire;
  • Add a privacy policy to your Careers Site and/or ask candidates for consent to process their personal data;
  • Add a cookie consent box to your Careers Site;
  • Allow a candidate to request the deletion of their information;
  • Allow a candidate to request an update of their information.

Below is a step-by-step guide to enable your GDPR features in settings, configuring them, sharing "GDPR Reports", using search in "Candidates", including GDPR links inside your "Mailbox" and how to implement a Privacy Policy in your "Careers Site". 

Settings - Enabling GDPR features

To enable the GDPR compliance features, start by navigating to your settings. 

1. Click "Settings" on the left side menu.

2. Under "Company", click "GDPR compliance". 

3. Enable the GDPR features, by clicking the toggle.

4. Set how long you want to keep candidate data (retention period)

With GDPR you can no longer store candidate data indefinitely.
This setting determines how long the data retention period is for your stored candidate data. This time period starts the moment the candidate applies, and ends when your set timeframe expires. After a candidate profile expires, you will be notified and be given the option to delete them in bulk.

5. Enable auto-confirmation emails

In case you do not automatically have auto-confirmation emails activated for all your jobs, you can fix it by clicking "Fix it now", to make sure any automated email that gets sent will have GDPR compliance links in the footer.

This means that everybody who applies to one of your open jobs will get an email with links through which they can either request their personal data to be removed or a correction to their data to be made.

6. Adjust your GDPR email footer

When you enable the GDPR features, an template email footer will automatically be added to your auto-confirmation emails, containing links through which candidates can request deletion or correction of their data. 

Click "Edit" to customize the footer to match your company details. Make sure you always give candidates the option to request a deletion of their personal data or a correction to their personal data.

Can I translate my GDPR email footer?
You can translate your email footer. You can also translate your auto-confirmation email. For more information, checkout Translate Confirmation Email.

Reports - Share GDPR reports with your team members

As an admin, you will have direct access to GDPR reports that you can share with your team members.

They will be send daily if there was at least one GDPR change since the last report.

Go to "Settings" and click "GDPR Compliance" to add any team member that you want to have access to GDPR reports.

These reports will always tell you what has changed since the last report and which insights you need to act upon. You will be able to quickly access any candidate data that has expired and can share the reports with any of your team mates.

Search - Finding the right candidates quickly

Use search to quickly find qualified candidates that have applied to one of your open positions or any other combination of filters.

Combine different Boolean operators to refine your search by combining or limiting terms.

Save your search combinations so you always have a quick way to find the candidates you need at any given time.

Candidates - Managing candidates

Go to "Candidates" and click "GDPR Compliance" to see all GDPR protected candidates: 

  • The ones whose data retention period is drawing near;
  • Candidates that have requested their data to be removed;
  • Candidates that want a correction to their personal data.

Combine filters such as "profile expires in" and "candidate status" to filter out the candidates in your database whose data retention period is drawing near and tie those candidates to your current job pipeline.

Use bulk actions to extend the data retention period of multiple candidates at once or to inform them about any corrections when it comes to their personal data.

Use search to quickly find candidates that requested deletion of their personal data so you always know which actions to take.

Once candidates click the 'removal request' link in one of your emails, they can write out their request which will be shown on their candidate profile and in 'removal requests'.

After submitting such a request, they will always get a email confirmation once you have taken action.

Once candidates click the 'correction request' link in one of your emails, they can write out their request which will be shown on their candidate profile and in 'correction requests'.

Our goal is to ensure that GDPR information is visible to team members when they’re interacting with candidates. To make this easy, we’re showing the expiration date information directly on the candidate profile next to the job they applied for:

Depending on whether the GDPR allows it, you may choose to extend the retention period of a candidate profile.

Otherwise, delete the candidate's data from Recruitee.

Under 'More' in each candidate profile, simply click the "Extend expiry date" and select the desired period. At the end of this timeframe, the candidates will be displayed to you so that you can take action.

Whether it is a correction request or a removal request, this will show up near the top of a candidate's profile, letting you know which action you need to take.

A request for removal

A request for correction

Mailbox - Including GDPR compliance in your automated emails 

If you have enabled auto-confirmation emails in "Settings", every candidate that applies will receive an automated confirmation email with the GDPR links in the footer.

When emailing candidates, you can also directly insert the GDPR removal and correction request links into your email communication. 

Click "Insert" and move to the "GDPR Links" tab to be able to insert any of the two GDPR links.

Click the "Removal request link" to insert it into the email.

You can make email templates that include any of the two links in your footer, and insert them straight into any email you draft towards a candidate.

When a candidate clicks the "ask to be removed" link in a email, they will be taken to a separate page where they can add their personal message.

After a candidate clicks "Request removal" they will be notified that their request has been sent.

Email templates

Depending on how you have set up your "settings" for "GDPR Compliance", you can create email templates that have the GDPR links included.

Click "Settings" and go to your "Workflow" to access all of your "email templates". 

Careers Site - Privacy policy and cookie consent

Click "Careers Site", open up your "Careers Site editor" and scroll down to "Terms & Privacy".

You can use the "Terms & Privacy" section to ask applications to agree with your Privacy Policy.

Next to adding a Terms and Conditions for your candidates to agree with your privacy policy, you will be able to add a "Privacy Policy" to your Careers Site footer and a cookie consent box. When candidates are browsing your careers page they can give consent for cookies and you can add your privacy policy to your job postings.

Here’s a screenshot of what your careers site will look like once you’ve set up your consent timeframe and privacy policy link:

Did this answer your question?