Organization Settings
You will find the details for GDPR automation under your Organization Settings. This is available only for Admin user roles.
The Organization Settings β GDPR tab will list the following options:
Privacy Policy URL
This is used with the GDPR automation flow. When sending out consent renewal requests, it's automatically added to the Candidate view. The candidate must always have the option to read your organization's privacy policy and how you process their data.
Default data processing consent request validity duration
By default, the data processing consent request link is valid for 7 days. This is how long the candidate can open the link from the sent email and accept or decline your request for processing consent.
Dispute months
By default, the dispute period is 12 months. This gives you the right to save candidate data and use them in case of a dispute resolution.
The data processing consent automation
The data processing consent automation
It can be turned on or off. When enabled, Teamdash's GDPR automation helps you acquire, manage, document, and monitor all your candidates' data processing consents. It works like this:
On the second Tuesday of every month, all your candidates without valid data processing consent get a "consent renewal request" email.
9 days later we purge your database of all candidate's data which we didn't get processing consent for.
A few days before sending out the renewal requests, you get a report - how many and which candidates are going to get renewal messages. You will always have the option to skip a month. The same goes with purging the database, you always get a notification beforehand and an option to skip. You will always have the final say in any actions.
For conformance with the GDPR, please follow these guidelines for the request message. For more information, consult your DPO, Teamdash support, or a lawyer.
List all kinds of data you might be processing (e.g. CV, contact info, etc)
Inform them that they can immediately decline consent from the link.
Inform that ignoring this message is assumed to be a non-consent.
Assure that declining this consent will not affect any pending candidacy.
As described here, you can manage your database manually too. When switching on the automation, Teamdash will automatically sort candidates by GDPR statuses matching dispute and invalid and by excluding already contacted candidates:
The above filtering example shows how Teamdash will automatically sort, send consent renewals, and gather profiles to anonymize each month.
Enable permanent delete
By default, candidate profiles are pseudonymized using a one-way cryptographic function. When they re-apply then their history (comments, projects) is restored. If you enable permanent deletion the candidate histories will not be restored.