iCIMS Data Privacy Features: A Complete Guide
Everything talent acquisition teams need to know about managing candidate consent, automated retention, and data anonymization in iCIMS.
If your organization uses iCIMS as your Applicant Tracking System (ATS), you already know that handling candidate data responsibly is not just a legal obligation but a competitive advantage. Candidates trust you with their personal information. Honoring that trust requires the right tools and configurations.
In this guide, we break down every data privacy feature available in iCIMS, explain how each setting works, and walk through the automated workflows that keep you compliant with GDPR, CCPA, and other global privacy regulations. Whether you are an iCIMS admin, a privacy officer, or a talent acquisition leader, this post is for you.
1. Consent Options: How Candidates Give Permission
The first line of defense in data privacy is capturing clear, informed consent from candidates. iCIMS provides this through a layered consent system that you can configure on a per-portal basis.
Basic Consent
At the most fundamental level, iCIMS lets you display your organization’s privacy policy as the first step in the candidate portal. You choose one of three modes for each portal:
👥 Capture Consent for All Candidates
Every candidate entering the portal sees your data privacy policy and must click “I Accept” before proceeding. This is the most comprehensive option and the one most commonly recommended for organizations operating globally.
🇪🇺 Capture Consent for EU Residents Only
A checkbox appears below the email field asking whether the candidate is an EU resident. If they check it, they are shown the privacy policy. If not, they skip it entirely. This approach targets GDPR-specific compliance without adding friction for other candidates.
❌ Do Not Capture Consent
No consent capture is displayed. This option exists for portals where consent capture is handled outside of iCIMS, or in jurisdictions where it may not be required. Be sure to consult your legal team before choosing this option.
You can configure consent capture for new candidates only, or for both new and existing candidates. If you choose both, any existing candidate who has not yet provided consent will see the privacy policy the next time they log in.
Enhanced Consent: Job-Based and Time-Based
Beyond basic consent, iCIMS offers two “enhanced” consent options that attach specific conditions to how long candidate data is kept. These are critical for organizations that want automated compliance workflows.
What the candidate agrees to: “You may use my data only for the purpose of processing my application to this specific job.”
Once the job becomes inactive, a 30-day countdown begins. After 30 days, the candidate is moved to a “Restrict Processing” status. An optional email can be sent to the candidate before this happens, giving them a chance to log in and update their consent.
Key detail: If the candidate is submitted to a second job while the first job is still active, their consent stays active until all associated jobs become inactive. So job-based consent extends naturally with ongoing applications.
What the candidate agrees to: “You may use my data for a specific period of time.”
You set the duration (for example, two years) on each portal. The candidate can extend their consent by logging back into the portal. By default, any login automatically extends the consent period. You can also configure it so candidates must manually click a button to extend.
An email goes out 30 days before expiration, prompting the candidate to log in and renew. If they do not, they move to Restrict Processing just like with job-based consent.
| Feature | Job-Based | Time-Based |
|---|---|---|
| Consent tied to | Active job(s) | Calendar duration |
| Auto-extends on login | No | Yes (configurable) |
| Expiration trigger | All linked jobs become inactive | Time period elapses |
| 30-day grace period | Yes | Yes |
| Candidate notification | Optional email | Optional email |
| Best for | Targeted, job-specific hiring | Talent pools, long-term pipelines |
If a candidate becomes an employee, you probably do not want their profile automatically deleted. iCIMS allows you to exclude specific folders (like employee folders) from the automated Restrict Processing workflow. Work with iCIMS support to configure these exclusions.
2. Data Subject Requests & Reporting
Under GDPR, CCPA, and similar regulations, candidates have the right to make specific requests about their personal data. iCIMS provides a built-in mechanism for candidates to submit these requests directly through the portal, and for admins to manage them from a centralized dashboard.
Available Request Types
iCIMS provides a default set of data subject request types. Each can be individually enabled, disabled, and relabeled to match your organization’s terminology:
📦 Request a Copy of Data (Portability)
iCIMS supports a “Personal Data Extract” feature. Admins can configure what is included in this file using person and recruiting workflow templates. Additional options in system configuration let you control the scope of the data package sent to the candidate.
🗑 Request Deletion
When a candidate requests deletion, iCIMS automatically places them into the Restrict Processing folder. From there, the country-based retention period kicks in. If no retention period is configured for that candidate’s country, an admin must manually schedule the deletion.
✋ Object to Processing (New)
Introduced in the Summer release, this allows candidates to formally object to the processing of their data at any time. This covers CCPA’s “right to limit use of personal information” as well as GDPR’s right to object. No automated action occurs with this request type; admins manage each case according to their organization’s internal procedures.
The Admin Dashboard
All incoming data subject requests funnel into a dedicated section accessible by user admins under Search > Personal Data Requests. From this dashboard, admins can view the request type, update the status (such as marking it “In Progress”), leave internal notes for other team members, and trigger data extracts for portability requests. This centralized view ensures nothing falls through the cracks across your team.
3. Automated Deletion & Country-Based Retention Periods
One of the most powerful features in iCIMS is the ability to automate the entire data deletion pipeline based on country-specific retention policies. Without this, admins must manually identify and delete profiles, which is both time-consuming and error-prone.
How It Works
When automated deletion is enabled, iCIMS allows you to configure a retention period for each country. Once a candidate enters the Restrict Processing folder (whether from expired consent or a deletion request), the system checks their country and starts the corresponding countdown.
iCIMS determines the candidate’s country using two fields, in this order of priority:
1 Regulatory Country Field (Preferred)
An optional field that can be added to the application. The candidate specifies their country of residence or regulatory jurisdiction. This is especially useful when a candidate’s mailing address differs from their regulatory country.
2 Address Country (Fallback)
If the Regulatory Country field is not in use, iCIMS defaults to the address country on the candidate’s profile. This works well for most organizations but may not capture edge cases where candidates live in a different jurisdiction than their mailing address.
Country-based retention policies are currently configured by iCIMS support staff. iCIMS has mentioned plans to expose this setting to user admins in the future, but for now, you will need to submit a support request with your desired retention periods per country.
If a candidate enters Restrict Processing and there is no retention policy set for their country, they will remain there indefinitely until an admin manually schedules them for deletion through the Purge Archive section. This is one of the strongest reasons to ensure every relevant country has a defined policy.
4. Consent Expiry Workflows
Click on any step below to see the details of each workflow. These interactive diagrams show exactly what happens from the moment a candidate provides consent to the final deletion or anonymization of their data.
iCIMS can automatically notify candidates who are uploaded (manually or via integration) without consent. The system sends them an email asking them to log in and provide consent within 30 days. If they do not, the standard Restrict Processing and retention workflow kicks in. This requires the candidate’s country and email address to be present in the system, and you can customize which email template is sent per country (useful for multilingual organizations).
5. Data Anonymization: Keep the Analytics, Lose the PII
This is one of the most impactful recent additions to iCIMS. Before anonymization, organizations faced a painful trade-off: comply with data privacy laws by deleting candidate profiles, but lose all the reporting and analytics data attached to those profiles. Anonymization solves this by stripping all personally identifiable information (PII) while keeping the record and its associated workflow data intact.
Manual vs. Automated Anonymization
How it works: Place a profile into the dedicated “Anonymized” folder. The system will automatically anonymize that profile within 48 hours.
Who can use it: Any iCIMS customer. You do not need to have enhanced consent settings enabled. If you are managing data retention manually, this gives you a way to anonymize instead of fully deleting profiles.
How it works: If you have enhanced consent and country-based retention policies configured, you can choose to anonymize instead of delete on a per-country basis. At the end of the standard retention workflow, instead of purging the profile, the system anonymizes it.
Granular control: You can choose anonymization for certain countries (like France or Germany) while keeping standard deletion for others. This gives you full flexibility to meet different regional requirements.
What Happens to the Data?
When a profile is anonymized, iCIMS processes three distinct categories of data:
🔀 Anonymized
- Person-level fields (name, email, phone, etc.)
- Recruiting workflow fields
- Standard and custom fields
- Email gets scrambled to prevent contact
🗑 Purged (Deleted)
- iPhones / offers
- Interview data
- Emails and notes
- Any data where PII cannot be reliably separated
✅ Retained (for Analytics)
- Workflow history
- Workflow data history
- Folder history
- Source history
- Additional fields you select
Once a profile is anonymized, all anonymized fields are locked to prevent any integration or user from de-anonymizing the record. iCIMS also adds two tracking fields to the profile: “Anonymization Status” (complete or error) and “Anonymization Date” for your audit trail.
When a profile is anonymized in the ATS, iCIMS treats it like a deletion for all connected products (CRM, Text Engagement, etc.). Those systems receive a notification to delete the candidate’s data on their end, ensuring privacy compliance extends across your entire iCIMS ecosystem.
Important Limitations
Anonymization follows the same eligibility checks as purging. If a profile was ever part of a licensed user group, it may not be eligible for anonymization because that person could be a critical part of audit trails (administrative changes, workflow moves, etc.). In those cases, the profile will be flagged as “not eligible” until the issue is resolved.
Also, at this time, anonymization only applies to person and recruiting workflow profiles. Job profiles cannot be anonymized through this feature, though iCIMS has acknowledged this as a potential area for future development.
6. Test Your Knowledge
Quick Check: iCIMS Data Privacy
See how well you absorbed the key concepts. Click an answer to check your understanding.
1. What happens when a candidate’s time-based consent expires and they do not log in to renew?
2. What is the key difference between deletion and anonymization in iCIMS?
3. If a candidate with job-based consent is submitted to a second job while the first is still active, what happens to their consent?
Need Help Optimizing Your iCIMS Privacy Settings?
FlowFam is an iCIMS Approved Consulting Partner. Whether you are setting up consent management for the first time or fine-tuning your anonymization workflows, we can help you get it right.
Book a Free iCIMS Strategy Call → Explore All Services
