Data Deletion to Support Data Privacy for Recruiting
The Data Deletion project ensures that user application data is not kept in the system longer than the defined amount of time set by the data retention period. As a part of this project, Data Deletion is divided into two areas:
- Deletion of individual applications within a requisition
With this functionality, you can do the following:
- Data Retention Mapping - Map data retention periods to a Location Organizational Unit (OU). This is done by the administrator through submission of a work order to Global Customer Support.
- Delete Hired Employee Data - Delete applications for hired employees who leave the Legal Entity, become inactive and who request to be forgotten OR whose data exceeds the data retention period.
- Delete Application within a Closed Requisition - Trigger the data deletion time-based event for closed requisitions.
- Data Anonymization - Applicants who have exceeded the period of inactivity for anonymization will not be dispositioned if that applicant is not dispositioned and part of a requisition that is in an Open status. In addition, the word "Archive" (or variations of it) has been replaced with Anonymization (or variations of it) in many instances throughout the system. The anonymized user is no longer searchable.
Difference between Anonymization and Deletion
- Deletion - Upon successful execution of data deletion, all non-hired applications within the Cornerstone system that have exceeded the data retention as configured by the administrator for a given Location OU, will be deleted. This deletion is permanent and non-reversible.
- Removal method is dependent on the scenario:
- For time-based: Deletion of non-hired applications based on a data retention period which is triggered following a pre-defined timeframe when the requisition is closed or the applicant is dispositioned.
- Anonymization - Replacement of applicant core user data (Prefix, Suffix, First, Middle, Last Name, Email Address, City, State, Zip, Country) with randomized string of characters within the database
- User of the Cornerstone system – When a user leaves a legal entity and requests to be forgotten or their core data is outside the entity’s data retention period, then that user’s core data is anonymized throughout the Cornerstone portal (e.g. Recruiter and/or Recruiting Administrator).
Note: The Compliance Enablement Preference for New Submission Anonymization is different than the anonymization described above. When the Anonymize personal applicant data for New Submissions option is selected in Compliance Enablement Preferences for a Location OU, the value in the Name column for applicants in a New Submission status is replaced with the applicant's requisition number and applicant ID. The applicant ID is scrambled so that the applicant remains anonymous. Users can still sort the table using the Name column. However, once that applicant moves into a new status, their information is no longer anonymized.
Note: To enable instant application data deletion and profile anonymization, contact Global Customer Support.
Date Created: 1 January 2015
Primary location of requisition: Italy
Data Retention Period: 6 months
- 35 applicants apply to the position
- 10 candidates are dispositioned
- One candidate is hired and the requisition is closed (remaining candidates are dispositioned)
- 34 remaining non-hired applications are deleted when the data exceeds the data retention period
Note: In this scenario, the hired applicant’s application will become part of the user record and will be deleted based on user deletion rules. This includes deletion upon the user leaving the entity and requesting to be forgotten or their data exceeding the defined data retention for that legal entity.
Date Created: 1 March 2015
Primary Location of Requisition: Germany
Period of Inactivity: 2 months (if applicant does not log back into Career Site, then their applicant core data is anonymized due to inactivity)
- Jamie applies to the role on 1 March (Jamie’s applied to only one requisition) and does not log back into the career site
- Jamie is dispositioned from the requisition on 1 April 2015
- Jamie’s information is anonymized due to inactivity and her dispositioned application
- Her information will not be available in Talent Pools or Saved Search
Company: Palmer Inc.
Legal Entity: Sweden
Data Retention Period: 2 years
- Tim applies to an application and gets hired
- Tim’s application resides with him as a user upon getting hired
- When Tim leaves the Legal Entity, the application will be deleted when it is has exceeded the data retention period
- ABC Co’s period of inactivity preference is configured to 1 year after applicant submits their information
- Sam submits information through ABC Co’s Connect with Us feature on 1 Jan 2015
- Sam’s personal information is anonymized on 2 Jan 2016
- The user's application is not deleted when moving from one Legal entity to another, provided that the user is in an Active status in the portal.
- Applications from an external source are not impacted.
- Even if a candidate exceeds the period of inactivity for a given requisition, an applicant's data is not anonymized if the applicant has an application in a job requisition that is in an Open status. However, if the applicant is dispositioned in an Open requisition for which they are the only applicant, then their data is anonymized.
- When a requisition has multiple locations, the data deletion rules will apply to the primary location of that requisition.
- If an applicant is hired, then their application will not be deleted until the user leaves the Legal Entity and either requests to be forgotten or their data exceeds the data retention period.