Applicantextra now has a powerful data consent system to help you keep track candidate and contact data usage permissions.
After asking some key questions about your database, the system group candidates and contacts your answers and will then email them an automated data consent questionnaire laying out what your organisation needs their data for, how you will ensure it stays protected and up to date and also laying out the candidates rights under current legislation. At the end of the email are one or two buttons asking for permission to keep the data for an agreed period or giving the option to delete their record if they so wish.

Firstly you will need to nominate a single user who will be in charge of the data consent for your system and give them “edit data consent policy” permissions in the consultant admin record permissions tab.
This will allow them to click the data consent link in the admin section of the side bar menu to see this…

The screen is split into two sections, candidate in light blue and contacts in dark orange.

In each section you can define the rules by which the system will email the consent emails to candidates and contacts. The sections start with two tick boxes that apply the rules to New and/or Existing records and there are [edit template] links against each of these that will open the template appropriate to that type of candidate or contact. So for instance different wording can be sent in email to new candidates than would be sent to established candidates. All templates have the usual right-click-menu automailer tags so that you can personalise the greeting to each recipient in the same way other automailer templates have always done.

Existing records have a second parameter of how often they should be contacted in months, whereupon when the time is expired the system will send another consent email asking to extend the permission further.

As it is not our place to force you to be compliant, we have given our users the choice of which options to offer recipients of the consent emails and how to deal with the choices the recipient makes.

So you can choose to send both a “give consent” button and “withdraw consent” button in the email or any combination of those two including neither.

For obvious safety reasons, the system does not automatically delete users but instead marks them for deletion (based on the rules in this screen) so that the actual record deleting is handled by the consultants/users who own that record. This is done from the first screen after login, also known as the diary.
In there the user will eventually see a list of candidates and contacts split into sub-categories explaining why they are there and with options to delete individually or in chunks of a hundred at a time.