As we cannot anonymise applicants or enquiries in the Admissions Module when they have been archived as rejected or withdrawn. This is in breach of GDPR regulations and means every school who is using this module could be fined by the ICO.
I am the Data Compliance Officer. Our retention period for unsuccessful applicants is 12 months. If I delete the records which we no longer need to keep then it affects the historical statistics so I am cannot delete them. Therefor, I need to be able to anonymise them.
Under GDPR, personal data should not be retained longer than necessary. The system can archive rejected and withdrawn applicants, but does not anonymise them automatically. While archiving itself is not a GDPR breach, schools are responsible for ensuring they have a clear retention policy in place that justifies how long applicant data is stored.
If there are specific concerns regarding compliance, we recommend consulting with your Data Protection Officer (DPO) to determine your school’s obligations. If you require further clarification on system functionality, please reach out to the support desk.
I am the Data Compliance Officer. Our retention period for unsuccessful applicants is 12 months. If I delete the records which we no longer need to keep then it affects the historical statistics so I am cannot delete them. Therefor, I need to be able to anonymise them.
Under GDPR, personal data should not be retained longer than necessary. The system can archive rejected and withdrawn applicants, but does not anonymise them automatically. While archiving itself is not a GDPR breach, schools are responsible for ensuring they have a clear retention policy in place that justifies how long applicant data is stored.
If there are specific concerns regarding compliance, we recommend consulting with your Data Protection Officer (DPO) to determine your school’s obligations. If you require further clarification on system functionality, please reach out to the support desk.