Safeguarding Applicant Data: Enhancing GDPR Compliance

With the rapid growth of software usage and data processing, safeguarding user privacy has become more critical than ever. Businesses face increasing risks of unintentionally violating data privacy regulations due to insufficient compliance measures, which can lead to substantial fines and reputational damage.At Lever, our goal was to help customers protect their data while meeting compliance requirements.

Specifically, we aimed to:

Reduce the risk of data retention-related fines for customers with a global presence.
Reduce the risk of data retention-related fines for customers with a global presence.
Streamline workflows by minimizing the time spent identifying candidates nearing data retention expiry.

Our solution delivered significant impact, retaining nearly $2 million in revenue during the MVP phase alone, while empowering customers to manage compliance efficiently and confidently.

cade study landing image with a preview of the final product

Project Highlights

Understanding GDPR and Lever’s Opportunity

In a world of increasing data regulations, the General Data Protection Regulation (GDPR) has emerged as a global gold standard for data privacy and protection. GDPR ensures that organizations manage and process personal data responsibly, with severe consequences for non-compliance.

Lever’s platform, widely used by enterprise organizations, faced a critical gap: it lacked functionality to help customers meet GDPR requirements, particularly around data retention and candidate privacy. Without tools to manage data in compliance with GDPR, customers—especially those with global operations—risked fines and operational inefficiencies.

Initially, this project was scoped by my design manager but transitioned to me due to organizational changes. My role was to design a scalable, self-serve solution that addressed customers’ GDPR needs while aligning with Lever’s broader business goals.

Addressing Gaps in Compliance Management

Lever’s customers, particularly large enterprises with global operations, needed localized control over their data retention and privacy settings. However, our platform only supported global-level configurations, limiting flexibility for compliance with regional laws.

Key issues included:

Limited Customization: Only global-level data retention settings were available, making compliance with regional regulations difficult.
Risk of Non-Compliance: Inability to manage data effectively increased the likelihood of fines and operational setbacks.
Operational Inefficiencies: Manual workflows to manage candidate data retention were time-consuming and prone to errors.

These gaps highlighted the urgent need for a self-serve solution tailored to the complexities of GDPR. Addressing these challenges was essential to maintain trust and ensure Lever’s product could scale alongside its customers’ needs.

Designing for Compliance, Efficiency, and Scalability

We built a compliance management portal within the settings area, enabling customers to manage GDPR requirements across three key categories: collection, retention, and anonymization. Unlike the previous globally applied rules, the new portal introduced flexibility by allowing users to configure settings for each category independently. Additionally, we added functionality for managing data retention by job location, meeting a critical need for global enterprises. The project’s primary objectives were accounted for through:

Country and Location Level Data Retention: Customers were enabled to define and configure data retention policies by region, city, or jurisdiction. Retention settings were anchored around the concept of "lawful basis," which defines how organizations manage and store candidate data in their active pipelines.
Automate Anonymization: Customers could customize parameters to auto-anonymize candidate data after a specified period, reducing manual intervention and ensuring ongoing compliance.
Hashed Data Storage: Organizations could securely hash candidate emails, ensuring data compliance while maintaining the ability to identify candidates for future reference in a secure, unreadable format.
Support Future Scalability: Our work built the foundation for integrations with HRIS systems and additional compliance capabilities.

Impact and Results

The GDPR portal delivered measurable impact:

$1-2M Retention Revenue: The MVP phase alone generated significant retention revenue, validating the portal’s value.
Improved Efficiency: Customers reduced the time spent managing compliance tasks, allowing teams to focus on strategic priorities.
Enhanced Trust: The portal strengthened customer relationships by addressing critical compliance needs with a scalable solution.

Delivering a Self-Serve GDPR Compliance Portal

Key Objectives

Flexible Compliance Management Across Jurisdictions

Empowered customers to globally or selectively manage data collection and retention settings, providing critical flexibility for companies operating in multiple jurisdictions. With tools to establish lawful bases, manage cookie preferences, anonymize fields, and configure data storage settings at granular levels—such as country, state, or city—customers can confidently align with regional GDPR laws.

Key Objectives

Secure Candidate Data Storage With Privacy Controls

Enabled customers to oversee and manage historical candidate information collected during the application process, including name, email, location, and employment history. Through the GDPR portal, customers can refresh or anonymize opportunities. Anonymization removes personal data while preserving vital recruiting insights like feedback forms and notes, ensuring compliance without sacrificing operational efficiency.

Goals

Avoid Costly GDPR Penalties Through Proactive Compliance

Help customers avoid substantial fines by equipping them with the tools to adhere to region-specific GDPR requirements. The solution minimized compliance risks while protecting their reputation and maintaining trust in Lever's platform.

Goals

Streamlining Compliance to Save Time and Reduce Risks

Reduced the manual effort required to manage GDPR compliance by automating the identification of candidates nearing retention expiry. Notifications for expiring data alleviated concerns about accidental violations, saving time while ensuring adherence to GDPR rules.

Measuring Success

Adoption of Retention Management Tools

Success is demonstrated by the increased number of data retention locations actively managed per enterprise customer. This metric reflects the scalability and usability of our GDPR compliance tools.

Measuring Success

Reducing Churn Through Retention

By addressing key GDPR compliance concerns, we successfully retained enterprise customers at risk of churn. This initiative safeguarded $1.5 million in ARR, underscoring the critical business impact of our solution.

Crafting a Scalable GDPR Compliance Solution

The process behind designing Lever's GDPR portal involved a mix of research, collaboration, and iterative design to address the complexities of data privacy and enterprise needs.

Building Empathy Through Background Research

Our discovery phase involved extensive research into GDPR laws and best practices across customer jurisdictions. This groundwork allowed us to approach problem-solving with a clear, empathetic understanding of our customers' concerns and frustrations around GDPR compliance. By identifying pain points, we ensured our solution was deeply aligned with customer needs.

Uncovering Customer Needs in GDPR Compliance

Our research centered on understanding what functionality mattered most to customers for maintaining GDPR compliance. We validated the importance of localizing data retention by job location and gained insights into customers' concerns with Lever's existing GDPR model. These insights formed the foundation for designing a solution tailored to their needs.

Core Insights That Shaped the Solution

Through research, we found that Lever’s enterprise and strategic customers often operated in multiple job locations worldwide. These customers needed to manage compliance processes—collection, retention, and anonymization—separately for each location. This insight made it clear that supporting data retention by job location was not just a feature but a necessity.

Focusing on Strategic Customers to Drive Impact

For phase one, we prioritized Lever's enterprise and strategic customer base. Insights from customer success managers revealed a strong connection between GDPR compliance concerns and ongoing initiatives to prevent churn and improve conversion in our enterprise funnel. Addressing these concerns became key to delivering value for this high-impact audience.

A Flexible Compliance Management Portal

Key Insights for Scalable and Localized Compliance Solutions

Scalable Compliance Settings

The existing GDPR compliance page at Lever lacked scalability to support multiple regulations. As Lever continues to expand globally, additional compliance requirements from various jurisdictions would strain the performance and usability of the current page. A scalable settings page was essential to:

Reduce product, design, and engineering effort when adding new regulations.
Ensure the platform could adapt to evolving compliance needs without compromising usability.

This insight highlighted the critical need to future-proof Lever's compliance capabilities, creating a foundation for efficient growth and flexibility.

Localization of Data Retention

Lever’s enterprise and strategic customers often operate across multiple global locations, each governed by local data privacy laws. These regulations dictate how long candidate data can be retained, and exceeding these limits poses significant risks, including penalties from regulatory bodies during audits.

Key takeaways from customer interviews emphasized the importance of localization:

Failure to localize retention settings risked substantial fines and reputational damage.
Customers needed the ability to configure data retention settings by job location (e.g., country, state, or city) to comply with regional laws.

Essential Features for Data Retention Management

Customer feedback revealed specific requirements for improving data retention settings:

Separation of Compliance Sections: Customers requested distinct sections for collection, retention, and anonymization to simplify management.
Data Retention by Job Location: Adding the ability to manage retention settings at the job location level was identified as a top priority for enterprise customers.
Reorganization of Existing Features: Decoupling and re-arranging functionalities to align with these sections provided clarity and usability.

Finalized Solution: Empowering Customers With a Comprehensive GDPR Portal

The finalized designs introduced a robust and user-friendly portal for managing data retention, collection, and anonymization settings. Our approach prioritized flexibility and customization, ensuring a consistent, seamless experience for organizations operating across multiple jurisdictions, regardless of their size or complexity.

Recognizing that every company has unique preferences for complying with GDPR, we built a solution focused on choice and adaptability. Customers could define their data collection and retention preferences at various levels of granularity:

Country-Level Settings: Apply a unified set of GDPR compliance rules to all office locations within a country for simplicity and consistency.
Location-Level Settings: Configure preferences by region, city, or jurisdiction for organizations requiring greater localization and precision.

Retention settings were anchored around the concept of "lawful basis," which defines how organizations manage and store candidate data in their active pipelines. For example:

Companies could set timeframes for retaining candidate data after a job opportunity closes (referred to as "candidate interest") based on their legal and localization requirements.
These settings ensured compliance by aligning data storage policies with regional regulations while preserving operational efficiency.

The portal also introduced advanced anonymization tools:

Selective Anonymization: Customers could choose which candidate data fields to anonymize or retain for recruiting-related reporting needs.
Hashed Data Storage: Organizations could securely hash candidate emails, ensuring data compliance while maintaining the ability to identify candidates for future reference in a secure, unreadable format.

To enhance usability, we added features that allowed customers to:

Search and Bulk-Anonymize Candidates: Simplify workflows by anonymizing large groups of candidates with just a few clicks.
Automate Anonymization: Customize parameters to auto-anonymize candidate data after a specified period, reducing manual intervention and ensuring ongoing compliance.

This comprehensive approach not only addressed the immediate GDPR compliance challenges but also empowered organizations with scalable, future-proof tools for managing candidate data securely and efficiently.