Terms used in this article:
TalentLyft is a talent acquisition technology provider. TalentLyft will never sell, rent, or lease the collected Personal Data and has no legal right to delete or edit it.
Customer is a company which uses TalentLyft for recruitment needs.
Candidate is a person who applies for a job of our Customer.
In order to ensure that TalentLyft customers are GDPR compliant, TalentLyft has created the Candidate Portal. The purpose of this portal is to enable Candidates to manage their job applications and personal information a TalentLyft customer has about them. On Candidate Portal, Candidates can:
See their job applications;
See all personal information a Customer has on them;
Export the personal information a Customer has on them;
Request update of the personal information a Customer has on them;
Delete all personal information a Customer has on them;
Contact data protection officer regarding the personal information a Customer has.
View and update their consents regarding the personal information a Customer has.
How to self-manage Candidate personal information
When a Candidates apply for a job, they receive an email with link to Candidate Portal.
By clicking on the link, Candidates access the part of Candidate Portal where they can see all their applications for this Customers' job openings. In order to see and manage all personal information, Candidates need to request a token by clicking on Send token button.
An email containing unique token for accessing Candidates personal data is sent to Candidates email address. This token is valid for 1 hour upon issuing. Upon token expiration, Candidates need to request it again if they want to see their personal data. Email with token is displayed on the image below.
After Candidates receive token and click on View your data button, their Candidate Portal will open again. Now it will display their personal information with Export, Update and Delete actions on the right side of the page. Above these actions, data protection officer email is displayed. Below those actions, the list of available consents is located and an option to update those consents.
Consent and data retention period
When applying for a job, Candidates can give their consent to Customer to store their personal information for hiring purposes during defined data retention period. Data retention period starts after the selection process for a job Candidates are applying for expires. Length of this period is defined by the Customer and Candidates are not obliged to give their consent for data retention.
If Candidates give their consent for data retention, the Customer can keep their personal information in the system until data retention period expires or until Candidates delete their data themselves.
If Candidates refuse to give their consent for data retention, the Customer can keep their personal information in the system until Customers legitimate interest expires (in this case as long as the Candidate is in the selection/hiring process) or until Candidates delete their data themselves.