We know the importance of consent to keep one's personal data is, especially when it comes to hiring. In CakeHR there is increased flexibility and automation when dealing with applicants' Personally Identifying Information (PII).

New tools in CakeHR allow to prompt the applicants for consent to store their information in CakeHR (both automatically and manually), to revoke the consent, as well as make their personal information anonymous.

⚠️CAUTION: By enabling this feature you will trigger a mechanism that may automatically alter the data of your applicants. We recommend to read this article and consider carefully your company's internal approach to data retention before activating this feature.

What do I need to set it up?

A user with Administrator level access in CakeHR.

How do I configure the Data retention policy feature?

Settings -> Recruitment -> Data retention. Here you can find a few groups of settings. Let's go through them.

  1. Click on your name on the top right, then click Settings.
  2. On the settings menu, click RECRUITMENT, then click Data retention.

When you select Enable data retention policy for applicants, this enables the Data retention policy in your CakeHR company. Every other settings becomes active once selected.

For new applicants without consent

Send consent inquiry automatically after ___ days - When a new applicant without previous consent is added in CakeHR, they get an email inquiry asking to provide the consent to keep their data in your CakeHR account. Enter how many days.

Store personal information for ___ days - This is the duration of data retention for an applicant who is due to provide or decline consent. Enter how many days.

For applicants with consent

Store personal information for ___ months" - Once an applicant has provided consent, their personal information will be stored for the specified amount of time you enter.

Send a repeated inquiry ___ days before consent expiration - Before the applicant's consent expires, CakeHR will send them a repeated inquiry to extend their consent. This setting specifies the amount of days the applicant will have to provide a new consent before the previous expires and their data is made anonymous.

"Prompt to extend consent for ___ months" - This is the duration of repeated consent, when the consent is automatically re-inquired.

How does it work altogether?

For every new applicant who was not asked for consent to keep and process their data yet, a new button in the applicant's profile will appear: Ask for consent.

When you click this button it sends a consent inquiry to the applicant's mailbox. The applicant can Approve or Decline the inquiry using the buttons in the email they receive.

Unless requested manually, the system will send out the inquiries automatically after a period of time, as specified in parameter Send consent inquiry automatically after ___ days. Such inquiries will be sent to all new applicants who were never asked for consent. You can change this value according to your preference. 

CakeHR will wait for the applicant's consent as long as specified in the Store personal information for ___ days parameter. If an applicant hasn't provided consent by the moment the specified period has expired, their data will be automatically made anonymous.

If applicant has provided consent to store their data, personal data is retained in CakeHR for the duration of the Store personal information for ___ months parameter.

The consent can be revoked using Revoke consent button.

Revoking consent will immediately make anonymous the private information of this applicant.

Before the consent expires, the system will re-inquire the applicant to extend their consent as specified by the Send consent inquiry automatically after ___ days and "Prompt to extend consent for ___ months" parameters.

⚠️ There are more cases when private details of your applicants can be anonymised. Read about these cases below.

How does anonymisation work?

Your applicant records will get made anonymous in the following cases:

  • You have "Revoked consent" for this applicant
  • An applicant was sent a consent inquiry but they took too long to respond i.e. longer than specified in the Store personal information for __ days parameter
  • An applicant Declined a consent inquiry using Decline button in their consent inquiry email

Anonymisation means altering of a given applicant's personal data. However, the applicant's record will remain open and will be reflected in all reports. 

You can choose whether some particular registers will be made anonymous as well.

Visit Settings -> Recruitment -> General to select:

  1. Click on your name on the top right, then click Settings.
  2. On the settings menu, click RECRUITMENT, then click Data retention.
  3. Select the relevant options, scroll down then click SAVE.

What happens if I disable the Data retention policy feature after the consent inquiries are sent out?

These applicants who will receive the email will still be able to approve or decline the consent inquiry. Their personal information may be altered automatically unless they provide an approval to keep their data by clicking a button in the consent inquiry email.

📎NOTE: Automated emails and automated anonymisation features only apply to applicants who are added after the Data retention policy parameter is enabled and saved. 



Did this answer your question?