Also known as Data Erasure, the right to be forgotten entitles the data subject to have the data controller erase their personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data.
The conditions for erasure, as outlined in GDPR article 17, include the data no longer being relevant to original purposes for processing, or a data subject’s withdrawing consent. It should also be noted that this right requires controllers to compare the subjects' rights to "the public interest in the availability of the data" when considering such requests.
This simply means that when a candidate’s data is no longer relevant and candidate consent hasn't been provided, you need to remove the data.
Breezy makes it simple to manage data erasure with both manual and automated tools.
How to erase candidate data automatically
If you'd like to remove candidates automatically when their consent has expired, you can enable automatic erasure in your company-level GDPR compliance settings.
When enabled, Breezy will automatically remove candidates the first Sunday, 14 days after their consent expires.
How to erase candidate data manually
Breezy allows you to delete candidates as needed, and filtering options simplify finding candidates who should be removed for GDPR compliance.
Once you’ve enabled GDPR functionality, you’ll be able to filter by GDPR consent status and expiration date on candidate lists.
To erase a candidate’s data:
Click Candidates in the left sidebar, or open the Candidates list for a specific position.
Click the filter icon (funnel) in the top-left corner of the window to expand filtering options.
Click the checkboxes under GDPR Filters and select options from the dropdowns.
Click Apply Filter.
Click the checkbox next to the name of the candidate(s) to delete.
Click the delete icon (trash can) near the top-right corner of the window.
Click Yes please to confirm.
❗ Important Note
While Breezy has worked to provide you with the best and most relevant information in regards to the European Union General Data Protection Regulation, we highly recommend you do some research of your own and seek legal advice to ensure you are complying in the best interest of your organization.