Releases tagged: consent

Jeet MukerjiJeet MukerjiApril 29th, 2018

New Feature: Release Notes - Beamery 4.0: Enabling GDPR compliance

Europe’s new General Data Protection Regulation is a vast new set of privacy rules intended to give Europeans more control over how their data is collected, stored, processed and transferred. Whether you are located in the EU, or located elsewhere but conduct business in the EU, all of your data processing activities that involve the data of EU citizens must comply with the GDPR, which comes into effect on May 25th 2018.

Beamery's Consent Management and Manual Anonymization features enable you to become fully GDPR compliant. For a step-by-step walkthrough of how to set up Beamery for complete compliance, your Customer Success Manager can take you through the 'Beamery Comply: Consent Management and Manual Anonymization - Implementation Checklist'.


Consent Management: Create consent statements in Settings, request an opt-in for existing candidates (using Campaigns that link to the consent capture form), request opt-ins for inbound candidates (by appending the consent statement to all forms), and track consent (as well as the time since consent) for all contacts via the People Grid.

Manual Anonymization: Anonymize archived contacts, and un-anonymize candidates who retract their initial request to have personal information deleted. Anonymization works like deletion, except we'll hide rather than delete the contact name, email, social URLs; so that we can identify, flag and block a previously anonymized contact from being accidentally added to the database.

A quick note before we carry on. While we have consulted legal teams specializing in data protection when updating features, Beamery is not a law firm and we do not provide legal advice specific to your organisation. All wording in images are for placeholder purposes only and we recommend that you review all wording with your legal counsel and Data Protection Officer, or equivalent.


Setting up consent management:

Set up your consent statements via the Compliance section in Settings. This text will be shown to candidates on consent capture forms, and in forms for Beamery Pages customers.

5ade35044dd18_Screen Shot 2018-04-23 at 20.33.03.png

There are three sections, all of which are required fields:

  1. Consent request statement: This is where you can explain to candidates why you are asking for consent.
  2. Opt in statement: This is the statement that candidates will consent. It’s important to word this correctly and clearly so candidates understand what they are consenting to. The opt in/out answers to this statement map to the ‘Consent’ field in your People Grid, and if the candidate opts in, the ‘Last Consented’ field will show how many days have passed since the candidate opted in. 
  3. Privacy policy: It’s necessary to display a link to your privacy policy statement (updated with GDPR related information) along with the consent request statement. As per the GDPR, we'll also include our Data Enrichment policy automatically next to your privacy policy in the consent capture forms, to let candidates know how their data is enriched. If candidates are uncomfortable with having their data enriched, they'll need to contact you. We can disable enrichment for specific candidates. You will soon be able to control enrichment for each candidate from their profiles. 

Requesting consent from inbound candidates:

You will see a new GDPR opt in question in form builder. Ticking the box and publishing the form will make the consent statement visible on the form as a required question for the candidate to answer. By enabling the GDPR opt in question, the ‘Location’ field becomes a requirement for candidates, so you can track and manage consent for candidates that are in EU countries.

5ade35fe928a4_Screen Shot 2018-04-23 at 20.36.41.png

The GDPR opt-in section can be left blank; your default compliance statements (already filled out in your Compliance Settings) will populate these fields automatically when published. But, you can overwrite your default compliance statements if needed by completing the necessary fields (as per the image above). 

5ade363c65d4f_Screen Shot 2018-04-23 at 20.36.50.png

Requesting consent from existing candidates:

If you have the candidate's email address, you can set up a consent request campaign which includes either an opt-in button, or a link (which you can enter as a campaign variable). When the candidate clicks on the button or link, they will be redirected to the consent capture form, with the wording and privacy policy statement set up in your Compliance Settings.

5ade36890597a_Screen Shot 2018-04-23 at 20.39.37.png

If you don't have the candidate's email address, you can still request consent by sharing a consent form URL that's unique to them. You can generate this link directly from their profile and copy it into your communication. As with the opt in button or a link in a campaign, this link will take them to a unique consent capture form with the wording and privacy policy statement set up in your Compliance Settings.

5ade36cc42f85_Screen Shot 2018-04-23 at 20.40.31.png

Creating a consent email loop for candidates:

Candidates should be able to opt out as easily as they opted in, and they can do this by revisiting the consent capture form at any time through the same button or link. You might consider sending a consent confirmation campaign to candidates who have opted in and including the button or link in this message too.

5ade38d84f956_Screen Shot 2018-04-23 at 20.49.19.png

Tip: To find these GDPR-related campaigns in your Campaigns list, filter by ‘GDPR Campaigns’, which will display all active campaigns that include the opt-in link or button variables.

5ade373f7d0bf_Screen Shot 2018-04-23 at 20.42.43.png

Tracking consent in your database:

Consent is captured in two, filterable fields, which you can find as separate columns in your People grid: 

  1. Consent: This displays if a candidate has opted In or opted out
  2. Last Consented: This displays the time in days since the candidate opted in, to help you eventually schedule re-opt in campaigns, or to automate purges of contacts without up-to-date consent 
5ade3771b0c3a_Screen Shot 2018-04-23 at 20.43.30.png

You can use these fields to filter candidates who have either opted out, or candidates who last consented beyond a certain period of time (who you can then archive or delete to keep your active database clean, and mark them as 'Do not contact' from their profiles).


When a contact is anonymized, all of their data is deleted from the Beamery database, aside from name, email and social URLs, which are hidden. These are kept in order to check and prevent anonymized contacts from being accidentally added back into Beamery, with or without an email. Beamery prevents users from re-adding anonymized contacts into the database by flagging previously anonymized candidate profiles.

Anonymizing contacts:

Super Admins, Admins and Team Members can anonymize contacts from their full profile via a two-step process to reduce the risk of accidental anonymization, where the user is required to archive the contact first, and will receive a warning to confirm the action when they are about to anonymize the contact. Anonymization is only possible for Archived contacts.

5ade39320ecbb_Screen Shot 2018-04-23 at 20.50.27.png

Un-anonymizing contacts:

Super Admins can manually un-anonymize contacts from their profiles via the three-dot dropdown menu if contacts have requested to be un-anonymized. If a non-Super Admins needs to un-anonymize a contact having received the contact’s request, they can either ask the candidate to sign up via a form, or share the contact’s full profile URL with a Super Admin.

5ade3948c5ea2_Screen Shot 2018-04-23 at 20.50.39.png

Once an anonymized contact has been un-anonymized or re-opts in via a form, the contact will re-appear as a standard profile with their name, email and social URLs. You will also see an activity card in their full profile indicating when the contact had been previously anonymized for full context.

5ade395c4c533_Screen Shot 2018-04-23 at 20.50.47.png

Preventing anonymized contacts from being added back into Beamery:

If someone on your team tries to add an anonymized contact into Beamery either manually, or when sourcing via the Extension, they are redirected to the anonymized full profile, and are prevented from being able to re-create an anonymized contact.

COMING SOON: Compliance automation including automated anonymization, and compliance reporting.