Tracking consent for GDPR
In order to make GDPR compliance easier for users, we've added new features that will allow you to ask for and track candidate and contact consent within the system.
GDPR functionality can be turned on from the Administration > GDPR section of CATS. You'll also need to include your company's own GDPR policy that will be linked to when a record is asked for consent. A policy is required by law in order to ask a subject for consent.
Once GDPR is turned on, a candidate/contact consent tag will be created that can be generated in an email from CATS, which will include a link that the subject can use to either give or deny consent. This tag can be found in the "Add Tag" section within the "Send Email" page, with a separate one being generated for candidate and contact records.
Note: These tags are also available in workflow triggers and the Email Templates section of your CATS portal, so that you can better manage when to give consent to your candidate/contact.
Managing consent and deletion of data
All candidate and contact records have a GDPR section that will allow users to view if and when consent was given. It includes that record's specific link for consent, which can be copied and sent to the subject, and a link to export the subject's data in the form of a CSV file, if they ask for their information. Each record's consent link is generated with a unique string, so one record's link cannot be used for all candidates/contacts.
Candidate and Contact grids in CATS now also include columns to track whether or not a record has given consent, when the last consent request was sent to them, when they gave consent, and their specific consent link. These fields are filterable, so that you can check for a time frame for consent and remove candidates that are either over your necessary time to keep a record in your system, or that have declined consent altogether.
To identify and remove subjects in your system that do not meet your current compliance standards, use the filter system to select the field you'd like to filter by, and the identifier. For example, if you need to remove candidates from the system that have denied consent, you would use the following filter:
Then use the "Actions" dropdown to select "Delete".
Note: Make sure to review the number of records and contents of your deletion before finalizing it. Deleted records cannot be restored.
For more information on CATS and GDPR, be sure to check out our GDPR Compliance Guide.