Candidate cookie management in Clinch Talent
Under GDPR, when cookies can identify an individual via their device, it is considered personal data.
Therefore, under GDPR, a candidate must provide a statement of consent or a “clear affirmative action”, which may include ticking a box on a website.
N.B. Pre-ticking of boxes or similar inactivity is NOT considered an acceptable form of consent.
Clinch uses three cookies:
- A one-time (for each page view) session cookie to provide protection against a security attack called “Cross-site scripting (XSS)”. This cookie is mandatory, short lived (one page interaction) and contains no candidate personally identifiable information. This cookie does not fall under GDPR regulations.
- A permanent long lived cookie that is associated with the candidate (known or unknown). This is used to associate individual candidate behaviour with their CRM record. This cookie does fall under GDPR regulations.
- A temporary session cookie (lasts for 20 minutes after last interaction) that is associated with the candidate (known or unknown). This is used to associate candidate behaviours into “visits or sessions” and is recorded against their CRM record. This cookie does fall under GDPR regulations.
This document explains how to manage candidate cookies and tracking in compliance with GDPR.
By enabling these options and making sensible choices that suit your company, Clinch Talent allows you to be fully compliant with GDPR, in a fully automated way. In true Clinch Talent fashion, our goal is for compliance without adding chores or manual tasks to recruiters schedules.
Candidate cookies are managed under "Data Protection Rules" in your Company Settings. For a step-by-step guide, please click here.
If you require any assistance with any of the above, please contact firstname.lastname@example.org
For more on Clinch Talent's provisioning for GDPR, click here.