<aside> 💡 Ashby provides tools to help you maintain proper compliance with local and federal data privacy regulations with regards to storing candidate data. You can configure these tools in the Admin section of the app
</aside>
The Data Privacy and Compliance features allow you to configure rules to help maintain compliance with data privacy laws and regulations.
See the table below for more information on the access roles that have the ability to configure rules in Ashby to help maintain compliance.
| Access Role | Can Configure Rules? |
|---|---|
| Limited Access | ❌ |
| Agency Users | ❌ |
| Elevated Access - External Recruiter (not linked to an agency) | ❌ |
| Elevated Access - Analyst | ❌ |
| Elevated Access - Hiring Team Member | ❌ |
| Elevated Access - Hiring Manager | ❌ |
| Elevated Access - Admin | ❌ |
| Elevated Access - Admin (Private) | ❌ |
| Organization Admin | ✅ |
You can set a Recruiting Privacy Policy in the Data Privacy & Compliance section ****of Admin. When you do so, a link to the policy will appear on any Consent Forms that candidates fill out.
Ashby provides mechanisms for configuring how you’d like to maintain candidate data through Inactivity Based Rules and Consent Based Rules.
You can use a combination of these two types of rules to put a flexible policy into place that helps you keep track of which candidate data should be removed from your system.
Inactivity-based rules are set based on when the candidate became inactive. You can configure inactivity-based rules in the Admin section of the app. There are two types of rules: