GDPR - Deletion of Applications

The GDPR compliance features for Recruiting are divided into the following main components:

  • Anonymization of Applicant Data - Applicant data will be anonymized based on recruiting compliance configurations in the admin portal.
  • Data Deletion of Internal User Profiles - User data will be anonymized and deleted based on configurations done in Core data via Global Product Support (GPS). GPS uses the Legal Entity OU to manage different durations of time.
  • Data Deletion of Applications - Application data will be deleted based on configurations done via GPS. This impacts the deletion of both internal employee and external applicant applications. GPS uses the Location OU to manage different durations of time.

 

 

When the data deletion event is triggered, all data for the applicant is permanently deleted and will no longer be recoverable and will not be available in the database. The following data will be deleted:

  • General Applicant Information
  • Comments
  • Ratings
  • History / Audits
  • Interviews
  • Offer Letters
  • Reviewers
  • Selection Responses
    • Realistic Job Preview
    • Selection Assessment
    • Skills Test
  • Workflow Responses
    • Competency Assessment Task
    • Disclaimer
    • EEO Question
    • Training
    • Custom Integrations
    • Pre-Screening Responses
  • Emails
  • New Forms
  • External Assessments
  • Background Checks
  • Attachments
  • Flags
  • Referrals / Costs
  • Applicant Resume
  • Hired applications for users who leave the Legal Entity, become inactive and data has exceeded the data retention period
  • Applications on an ad-hoc basis through submission of a GPS work order

Note: If an application has been submitted through an Agency and that application is subject to time-based deletion and is deleted, then the actual Agency submission should be accurately reflected in Reporting.

Note: When a requisition has multiple locations, the data deletion rules will apply to the primary location.