Skip to main content
GDPR for Applied Candidates

How GDPR settings are applied to candidates that applied for a job position via your careers page, social network, job board, etc.

Updated over a week ago

What is GDPR and is it applicable to me?

Since May 25, 2018, the General Data Protection Regulation (GDPR) is in effect, reviewing how the personal data of EU citizens is being collected and shared. With TalentLyft, you can set up your GDPR settings to be 100% GDPR compliant. Here is the link to the official regulation document, published in the Official Journal of the European Union.

How does TalentLyft help me and my company?

GDPR states that there are two legal bases on which you can store and process candidates’ personal data:

  1. Consents for data processing and data retention or

  2. Legitimate interest to store their data

Candidates that applied via your careers page, social network, job board, etc., will be considered as Applied candidates. These candidates are informed about your:

  • data processing - mandatory consent in order to apply for a job

  • data retention period - not mandatory and candidates, who don't give the retention period consent, need to be deleted from your database as soon as the job opening they applied for is archived, or the inactivity period has expired. They will be placed on the Needs to be deleted list.

How to be GDPR compliant?

Make sure you are regularly tracking and deleting candidates that should be deleted from your system according to GDPR. The list of people that must be deleted will be generated in the Engage module, and accessed by using the "Needs to be deleted" filter.

NOTE: While TalentLyft has consulted with legal professionals both in the creation of this article and for our own product features, we are not a law firm. All information that is used in this article is general information and is not intended as legal advice. Users should take independent legal advice regarding their own data protection policies.

Did this answer your question?