Under GDPR, when cookies can identify an individual via their device, it is considered personal data.
Therefore, under GDPR, a candidate must provide a statement of consent or a "clear affirmative action", which may include ticking a box on a website.
Note: Pre-ticking of boxes or similar inactivity is not considered an acceptable form of consent.
For information on the other PageUp modules, refer to Cookie consent.
Recruitment Marketing uses three cookies:
- A one-time (for each page view) session cookie to provide protection against a security attack called "Cross-site scripting (XSS)". This cookie is mandatory, short lived (one page interaction) and contains no candidate personally identifiable information. This cookie falls under GDPR regulations. Consent for this cookie is not required due to its exemption under GDPR’s Strictly Necessary category.
- A permanent long lived cookie that is associated with the candidate (known or unknown). This is used to associate individual candidate behaviour with their CRM record. This cookie falls under GDPR regulations and requires explicit consent.
- A temporary session cookie (lasts for 20 minutes after last interaction) that is associated with the candidate (known or unknown). This is used to associate candidate behaviours into "visits or sessions" and is recorded against their CRM record. This cookie falls under GDPR regulations and requires explicit consent.
This document explains how to manage candidate cookies and tracking in compliance with GDPR.
By enabling these options and making sensible choices that suit your company, Recruitment Marketing allows you to be fully compliant with GDPR, in a fully automated way. Our goal is for compliance without adding chores or manual tasks to recruiters schedules.
Candidate cookies are managed via:
- From the side menu, under Company click Settings.
- Under Web click Data protection rules.
For more information refer to Candidate anonymization.