1. Greenhouse Support
  2. All Recruiting topics
  3. Privacy and compliance
  4. GDPR

Single purpose consent overview

Permissions:

Product tier: Available for all subscription tiers

The General Data Protection Regulation (GDPR) regulates the collecting and processing of personal data for companies with operations or offices in the European Union (EU). Article 32 of GDPR states, "When the processing has multiple purposes, consent should be given for all of them."

Single purpose consent is one of the features Greenhouse Recruiting provides to help you achieve GDPR compliance. Learn more about GDPR and Greenhouse Recruiting.

In this article

About single purpose consent

Article 32 of GDPR states, "When the processing has multiple purposes, consent should be given for all of them." Single purpose consent describes the method for Greenhouse Recruiting organizations to separate the processing of personal data from the retention of personal data, as recommended by GDPR.

Example: You may not require candidates to consent for you to process their data at the time they apply, but you may want candidate consent to retain personal data for future use. Greenhouse Recruiting's single purpose consent feature allows you to configure GDPR features to achieve this.

You'll know single purpose consent is enabled when the Legal Basis section of your GDPR page includes two options: One for consent to process and one for consent to retain.

Legal-basis-section-of-the-GDPR-page-shown-with-options-for-data-processing-and-data-retention.png

Enable single purpose consent

Note: Before enabling single-purpose consent, we recommend consulting with your legal team to determine the best legal basis selections for your organization.

Organizations that have enabled GDPR on or before July 10, 2023 will be prompted to enable single purpose consent.

Window-prompting-user-to-enable-single-purpose-consent.png

All other organizations will have single purpose consent enabled by default.

Legal basis combinations

Your organization will end up with one of the four following legal basis combinations:

  • Legitimate interest for data processing and legitimate interest for data retention
  • Legitimate interest for data processing and explicit consent for data retention
  • Explicit consent for data processing and explicit consent for data retention
  • Explicit consent for data processing and legitimate interest for data retention

After you configure your legal bases, candidates can select their data processing and retention preferences either during the job application or after being manually added to Greenhouse Recruiting.

Frequently Asked Questions (FAQs)

Which legal basis combination should I use?

We encourage you to consult your legal counsel about how GDPR affects your organization.

What does the candidate experience look like for each legal basis combination?

The way candidates give consent to data processing and data retention depends on which legal basis combination you choose. Learn more about legal basis combinations.

How is candidate data managed with each legal basis combination?

The handling of candidate data depends on which legal basis combination you choose. Learn more about legal basis combinations.

Is consent text configurable?

The consent text on job applications and emails is not configurable. However, you can add any extra details in the job and email templates as normal.