GDPR and Talent pool consents

In an effort to enhance GDPR compliance and streamline the management of candidate data, there is a series of key features in Sloneek. These features are designed to ensure that organizations adhere to strict data privacy regulations while managing candidate data effectively. This not only provides greater transparency and control over candidate information but also safeguard both the company's and the candidate's rights.

Key Features:

1. Consent Management:

GDPR Compliance

  • Mandatory GDPR Consent: GDPR consent is mandatory for processing candidate data. This consent includes an expiration date, either set by the length of the position or defaulted to one year.
  • Automatic Anonymization: Once consent expires or the position closes, candidate data will be automatically anonymized.

Talent Pool (TP) Data Storage Consent

  • Optional TP Consent: An additional, optional consent is available for storing candidate data in the Talent Pool for future job openings.
  • Customizable Expiration: Admins can set the expiration date for TP consent, with a maximum duration of 60 months, and can choose whether to send automatic renewal notifications to candidates.
  • TP Consent Requirement: Without this consent, candidates cannot be added to the Talent Pool, ensuring that only those who agree have their data stored for future opportunities. 

2. Audit Logs

  • Comprehensive Audit Logs: All changes related to GDPR and TP consents are recorded in an audit log. This feature ensures full compliance and provides a clear, traceable record of who performed what actions on candidate data, enhancing accountability.

3. ATS Portal Enhancements

  • Consent Visibility:
    • Both GDPR and TP storage consents are displayed to candidates when filling out applications through the ATS Portal. GDPR consent is mandatory, while TP storage consent is optional.
  • Candidate Data Management:
    • If GDPR consent is not provided, Admins have restricted access to the candidate's profile and cannot fully manage the candidate's data.
    • Consent documents, if uploaded, are stored in the candidate's Documents section.

4. Candidate Detail Updates 

  • Consent Status Icons:
    • Icons indicate the status of GDPR and TP consents, including whether they are expiring or if the candidate's data has been anonymized.)
    • the greent tick stands for agreed constent, the red cross stands for the consent not signed and the hours icon says that one of the consents is expiring soon  
  • Consent Information:
    • Detailed consent information is displayed in the candidate's profile, including the type of consent, expiration date, and how the consent was obtained.
  • Anonymous Candidate Data:
    • If a candidate's data is anonymized, only limited information is visible (e.g., first name and initial of the last name, source of application, and notes/history).

4. Automatic Anonymization

  • If consents are not provided or expire, candidate data is automatically anonymized to comply with GDPR requirements. This applies to both newly added and existing candidates.
 

Notifications

Notifications are sent to both Admins and candidates regarding consent status:

  • Consent request reminders and notifications for expiring or expired consents.
  • Confirmation when consent has been granted or data has been removed.

Compatibility

The new consent process applies retroactively to all existing candidates. Admins will have 30 days to ensure consents are properly added; otherwise, candidate data will remain anonymized with no option to retroactively add consent.