GDPR - Anonymization by User

The GDPR compliance features for Recruiting are divided into the following main components:

  • Anonymization of Applicant Data - Applicant data will be anonymized based on recruiting compliance configurations in the admin portal.
  • Data Deletion of Internal User Profiles - User data will be anonymized and deleted based on configurations done in Core data via Global Customer Support. Global Customer Support uses the Legal Entity OU to manage different durations of time.
  • Data Deletion of Applications - Application data will be deleted based on configurations done via Global Customer Support. This impacts the deletion of both internal employee and external applicant applications. Global Customer Support uses the Location OU to manage different durations of time.

Note: To enable instant application data deletion and profile anonymization, contact Global Customer Support.

Internal Users are hired employees whose candidate records have transformed into a user record. Clients can configure the period after which user profile data is anonymized and their application information is deleted (time-based deletion) through the Legal Entity OU.

In the data deletion process for User Profiles, all application information is deleted while their name, email, and contact information is anonymized in the database. The scheme for core user data is based on the configuration defined for the user’s Legal Entity OU. A client can also request a one-off deletion of data for specific users (ad-hoc deletion). Data deletion is permanent and cannot be reversed.

An Internal User’s Data Deletion clock starts ticking once their status is changed to an inactive status (they are fired, quit, or request to be removed from the system). In this instance, all application information is deleted too.

When either the application data deletion or user based data deletion event is triggered, all data for the user’s application is permanently deleted and will no longer be recoverable in the database. The following data will be deleted:

  • Comments
  • Ratings
  • History / Audits
  • Interviews
  • Offer Letters
  • Reviewers
  • Selection Responses
  • Realistic Job Preview
  • Selection Assessment
  • Skills Test
  • Workflow Responses
  • Competency Assessment Task
  • Disclaimer
  • EEO Question
  • Training
  • Custom Integrations
  • Pre-Screening Responses
  • Emails
  • New Forms
  • External Assessments
  • Background Checks
  • Attachments
  • Flags
  • Referrals / Costs
  • Applicant Resume

When user based data deletion occurs, the above data points are deleted for ALL requisitions. In the case of only requisition data deletion occurs, the above data for only that specific requisition is deleted.

Users can request that their data be anonymized as a result of leaving the Legal Entity. Once the user leaves the Legal Entity, then their data is anonymized and the data cannot be recovered in its previously visible state.

This impacts the following areas of the system:

  • Manage Applicants - Applicant profile data will be anonymized
  • Recruiting Dashboard - Applies to the following:
    • View Snapshot > Submission Details / "Name" column in All Submissions subsection (only when user leaves the Legal Entity)
    • View Snapshot > Cost Details / "Applicant Name" column in Cost Details (only when user leaves the Legal Entity)
    • View Snapshot > Cost Details / "Modified by" column in Cost Details (only when user leaves the Legal Entity)
    • Recent Referrals / "Referred by" column
    • Recent Referrals / "Name and Contact" column (only when user leaves the entity)
  • Search Candidates - Applies to Saved Searches
  • Review Applicants - Applies to Review Applicants / "Owner(s)" column
  • Recruiting Manager Dashboard - Applies to the following:
    • Recruiter Snapshot / "Recruiter name"
    • Recruiter Snapshot / Recruiter name in Time to Hire drop-down
  • Candidate Search Query - Applies to Saved Searches / "Created by"
  • User Resume (not applicant resume)

See Also