The General Data Protection Regulation (GDPR) is major EU law on data protection and privacy for all individuals within the European Union. The GDPR aims primarily to give control back to citizens and residents over their data and to simplify the regulatory environment for international business by unifying the regulation within the EU.

Terms in GDPR

The following are the key terms used in GDPR.

1. Data subjects

It would mean candidate information in general. “personal data” would be any information that can be used to identify the data subject. This includes the candidate's resume, name, email, contact number, address etc.


2. Controllers

It decides the purpose of processing personal data like for which job personal data will be used and the means to do that. Controllers could be direct employers or staffing agencies.


3. Processors

It would be recruiting software, ATS, or any legal entity that processes personal data on behalf of the controller.


4. Processing

It would mean any activity executed on personal data, such as storing information, updating information, delete information.


iSmartRecruit is completely GDPR Compliant. Turn on the GDPR functionality in the system in the ‘Admin’ section from the left-hand side menu option and click on the 'Other' Tab. 

Navigation Link:



Once you enable this option, the system will take care of necessary information and actions which are necessary for GDPR Compliance like candidate consent, candidate rights, etc.

Navigation Link:


When you enable the GDPR setting, you can set the ‘Default Consent Period’ as per your policy.



*Note:  Default Consent Period, the values can be customizable. Click on the + icon beside the Consent Period field.


GDPR Consent Expiry Notification

Administrators can enable the setting in the Admin section, which helps the recruiter to get the notification about consent expiry.  You can also select users from the team who would receive these notifications. 



Applicant - Terms & Conditions

The recruitment agency or direct employer can frame the terms & conditions and configure that in the system configuration. Whenever any applicant submits the profile, the applicant has to accept the terms and conditions before submitting their application for a vacancy. 

We advise you to include all necessary clauses in terms & conditions to safeguard your interest concerning GDPR. 

You can also include terms about consent from the applicant to use his/her data for the necessary purpose and consent duration.



An applicant will see the terms & conditions as shown below. 



View GDPR Consent Status for each Candidate 

The System will display the consent status of the candidate in the Candidate Search screen. The status could have one of the following values. You can see different coloured GDPR status icons concerning different statuses.


Candidates with Consent: Green icon


*Note: You can click on the icon to view the exact dates of GDPR Consent


Without Consent: Grey icon 



Consent Expired: Red icon 



Candidate Consent History

If you want to see consent history just click on the GDPR icon and it will show the history of consent.



Send Email for consent request 

The system allows you to send emails to candidates for getting consent from them. You can send individual emails to a candidate requesting their GDPR consent. 



The candidate will get a link through email. By accessing this link, candidates can update their consent for GDPR. 



The submitted response of candidates will get updated in the system and the user can see the current status of the request in the candidate profile.


Users can also search for Candidates based don't their GDPR Consent Status in the Candidates Module. Please refer to the topic of GDPR Search in the below article of Advanced Search for more information on this. 


Summary on Dashboard

To have summarised information on the total count of candidates for each candidate's GDPR compliance, you can add a widget on your Dashboard. 

Navigation Link:





GDPR Report

This is the best report to track the status of the GDPR consent request for a particular duration. 

Navigation Link:



Choose report parameters like Duration, Job title, and GDPR status to generate the report.