ATS CRM GDPR Recruiting Recruitment Hiring

How to Delete Candidate Data in Your CRM and ATS with GDPR

Scroll down to read more!

How to Delete Candidate Data in Your CRM and ATS with GDPR

Scroll down to read more!
ATS CRM GDPR Recruiting Recruitment Hiring

Table of Contents

Now that the GDPR, the European Union’s General Data Protection Regulation, has gone into effect (as of May 25, 2018), the time to prepare for the regulations has passed. It’s here to stay and it’s imperative that all companies that process personal data of EU citizens must comply or be subject to hefty fines. HR departments will play a crucial role in ensuring that employee data is processed lawfully, and appropriate information is given to employees about the use of their data.

Candidate Rights with GDPR

At the high-level under the GDPR, candidates have the right to:

    • be informed that their details are stored on your system, and for how long;
    • consent or otherwise for their data to be stored and/or processed by your system;
    • know why you are requesting, storing, and/or processing their information;
    • know who will have access to their data (staff, countries, and third-parties);
    • access the information that is stored on your system;
    • have any incorrect information on your system corrected;
    • have their data removed from your system;
    • restrict the processing that you do with their data on your system;
    • download their information in a standard format;

In this post, we’ll focus on the removal of candidate data and data accessibility (portability).

Under the GDPR, candidates have the “right to be forgotten or right to erasure,” meaning that they can request their data to be erased when it is no longer necessary for the original purpose.

At the minimum, companies must enable candidates to access and review their data, to update their data, and even allow for full erasure upon request in many instances. With regards to data portability, recruiters must also be able to provide all the personal data they have on a candidate, when requested by the candidate, in a portable format. The GDPR states that each candidate has the right to transfer their data anywhere they prefer.

It’s important to note that the GDPR isn’t just about companies who hire in the EU. In the short term, it’s about employers who are employing EU citizens wherever they may live.

The Role of Your Recruiting Vendors: ATS and CRM

When you’re working with recruitment software whether it’s an ATS, CRM, or job board, it is recommended that you choose a company that is knowledgeable about the new regulations, as well as one who has appointed a data protection officer (DPO). Otherwise, it is your company’s responsibility to have someone in the DPO role.

Most HR Technology companies are familiar with the GDPR, however, each different vendor and service provider has a different interpretation in how to comply, their responsibility, and involvement when it comes to the role they play with your candidate data.

Section 4 of the GDPR outlines the requirement for applicable firms to appoint a DPO. According to Article 37(1), data controllers and processors shall designate a DPO where:

  1. The processing is carried out by a public authority or body, except for courts acting in their judicial capacity;
  2. The core activities of the controller or the processor consist of processing operations which, by virtue of their nature, their scope and/or their purposes, require regular and systematic monitoring of data subjects on a large scale; or
  3. The core activities of the controller or the processor consist of processing on a large scale of special categories of data pursuant to Article 9 and personal data relating to criminal convictions and offenses referred to in Article 10.

Most firms required to appoint a DPO would fall under subparagraphs (b) and (c). Article 39 outlines five minimum tasks that the DPO must perform:

  1. Inform and advise firms and employees who carry out data processing on applicable data protection provisions
  2. Monitor compliance with the GDPR, other data protection provisions, and additional internal data protection policies; this includes training and auditing
  3. Advise on data protection impact assessment (DPIA)
  4. Cooperate with the supervisory authority
  5. Serve as main contact for the supervisory authority.

Ideally, your recruiting technology company will have a DPO designated in the EU who manages and serves as the point-of-contact for GDPR compliance.

Talk to your ATS, CRM, and other vendor partners to really understand how they are interpreting GDPR regulations and what their record deletion process entails. 

Deleting and Anonymizing Candidate Data

For example, GDPR deletion process in place for candidate data that can be anonymized allowing the candidate to request the deletion or the recruiter working in the recruiting technology to act on the request.

Set a data retention period with an expiration data. Once the data retention period has expired the candidate details will be deleted automatically.

Allows you to manually delete/export/make portable candidate profiles, etc.

Once deleted, the candidate data will no longer be available on your reports, nor should you retain it elsewhere. It should be fully anonymized and removed from all databases, records, and online systems. 

The most important factor for you and your company when it comes to GDPR compliance is understanding how your recruiting technology software company is responding to the new regulations and what steps your team must take with regards to candidate data.

Did you like this post? Share it!

2 Comments

  1. A nice read. GDPR is important and the new age HRMS software and their recruitment gateways are designed to help you cover all compliance requirements, including GDPR compliance.

  2. ATS, HRIS and HRMs can help talent acquisition managers pull up reports and monitor their hiring pipeline. Talent Acquisition managers can generate reports and dig deep to draw actionable analytics from HR analytics tools. Check out how easily you can do this using http://www.peoplehum.com/#bl

Comments are closed.

A Word From Our Sponsors

Ads help make Workology resources free for everyone. We respect your privacy. To see our Privacy Policy click here.

Recommended Posts

Sanjay Sathé, Founder & CEO of SucceedSmart, is no stranger to disrupting established industries.

Q&A With Sanjay Sathé, Founder & CEO of SucceedSmart

This interview is part of a series on Workology that features an HR Technology company, its founder and its features. For this post, we’re...

supporting caregivers: the sandwich generation at work

Supporting Caregivers: The ‘Sandwich Generation’ at Work

I’ve been told my whole life to enjoy being young and to grow old gracefully. To enjoy and soak in every moment, especially the...

Recruiting Reimagined: How Specialized Software Strengthens Hiring in 2024

Explore how specialized software is transforming recruitment strategies in 2024. We discuss the benefits of innovative tools for hiring....

How to Reduce Stress at Work (and Life) with Meditation

We can’t always limit stress or the amount of it in our lives, but we can arm ourselves with resources and tools to help...
Best HR Certification prep books

Best HR Certification Prep Books for SHRM and HRCI

Looking for additional reading to support your study prep for HRCI or SHRM? We've got a comprehensive list for you right here....
Your Global HR Certification: A Professional's Guide

Your Global HR Certification: A Professional’s Guide

Elevate your HR career with our guide to Global HR Certification. Explore benefits, prep tips, and vital resources for exam success!...

Resources for Session Attendees of Digitizing Talent

Resources for conference session attendees of Digitizing Talent: Creative Strategies for the Digital Recruiting Age....

Checkout Our Products

Ads help make Workology resources free for everyone. We respect your privacy. To see our Privacy Policy click here.

More From Workology

Resources for Session Attendees of Digitizing Talent

Resources for conference session attendees of Digitizing Talent: Creative Strategies for the Digital Recruiting Age.
Your Global HR Certification: A Professional's Guide

Your Global HR Certification: A Professional’s Guide

Elevate your HR career with our guide to Global HR Certification. Explore benefits, prep tips, and vital resources for exam success!
Best HR Certification prep books

Best HR Certification Prep Books for SHRM and HRCI

Looking for additional reading to support your study prep for HRCI or SHRM? We've got a comprehensive list for you right here.

How to Reduce Stress at Work (and Life) with Meditation

We can’t always limit stress or the amount of it in our lives, but we can arm ourselves with resources and tools to help us handle it better.