Skip to content
English
Sign in
Contact us
  • There are no suggestions because the search field is empty.

Lawful basises for assessment data collections

Explain how clients can run assessments in the Recruitment module using consent (or alternative lawful bases), what candidates see, and what happens on withdrawal—so you can advise prospects and configure tenants correctly.

Two options (picked by the client)

  1. Other lawful basis (default)
    Clients process candidate data under a basis they control (e.g., legitimate interest/contract) and clarify this in their privacy notice and candidate communications. No product change is required beyond linking to the client’s notice.

  2. Consent (activation required)
    Candidates must consent before any assessment data is collected. Consent is given for the specific recruitment(purpose-bound). Candidates automatically receive a consent receipt and can withdraw in two clicks.

The Organization Owner selects the lawful basis in Recruitment settings and can switch later; past collections remain under their original basis.

Candidate experience when Consent is active

  1. Pre-assessment gate — Candidate is asked to consent; if they do not, no data is collected.

  2. Purpose — Consent covers the current recruitment. Reuse of results for future recruitments is covered by a separate reuse consent (also surfaced to the candidate).

  3. Receipt & control — Candidate receives a consent receipt with a link to withdraw anytime.

Withdrawal & data handling

  • Withdraw for a recruitment → All data collected for that recruitment is deleted; there is no longer a lawful basis to store it.

  • If the person is in other recruitments or has given reuse consent, that other data remains; the receipt explains how to contact the organization to request full removal. If in progress elsewhere, the candidate’s data for that other process is reset.

  • Removed from the last recruitment → The candidate is removed from the platform (no purpose to keep data).

Transparency & evidence

  • Candidate export includes the lawful basis (supports GDPR Art. 15 access / transparency).

  • Audit logs / consent register prove that consent was collected before data processing; authorized users can export logs for audits.

How to configure (for client admins)

  1. Go to Settings → Recruitment.

  2. Choose Lawful basis: Other lawful basis (default) or Consent.

  3. Save. New candidates now follow the selected legal path; historic data stays under its original basis.

Good practice for KAMs/CSMs (what to advise)

  • Match law & policy: Some sectors require consent; others prefer a different basis. The platform supports both.

  • Explain reuse separately: Reuse of results across recruitments is governed by reuse consent; clarify this in candidate comms.

  • Document withdrawals: Point clients to audit exports and the candidate export for compliance evidence.

FAQs

Who can change the lawful basis?
The Organization Owner in Recruitment settings. Changes are prospective only.

What happens if a candidate never consents?
No assessments run; the process can invite again or proceed without assessments.

If consent is withdrawn, is all data deleted?
All data for that recruitment is deleted. Data in other recruitments or covered by reuse consent remains unless the organization acts on a broader deletion request.

Can we prove we had consent?
Yes—audit logs/consent register can be exported by authorized users.