CORVALIS
Anmelden

Data Deletion

How and when applicant data is deleted.

Timely deletion of data is an important part of data protection. Sophie supports you in this.

Automatic Deletion

Configuration

Under Settings > Data Protection > Deletion Periods:

  1. Define when data should be deleted
  2. Select which data is affected
  3. Activate automatic deletion

Standard Periods

Data TypePeriod After Rejection
Contact Data6 months
Communication6 months
Documents30 days
Notes6 months

Reminders

30 days before automatic deletion:

  • You receive a notification
  • You can postpone or confirm deletion

Manual Deletion

Delete Individual Applicant

  1. Open applicant profile
  2. Click Delete Applicant
  3. Confirm

Delete Individual Data

  1. Open applicant profile
  2. Go to Data Protection
  3. Select data to delete
  4. Click Delete Selected

Delete Multiple Applicants

  1. Go to applicant overview
  2. Select multiple applicants
  3. Click Delete
  4. Confirm

Deletion on Request

When Applicant Requests Deletion

  1. Applicant writes: "Please delete my data"
  2. Sophie informs you
  3. You review the request
  4. You approve deletion

Review Request

Before deletion, Sophie checks:

  • Is the applicant identified?
  • Is there an active process?
  • Are there legal retention obligations?

During Active Process

Sophie informs the applicant:

"Your deletion request has been noted. As your application process is still active, your data will be deleted after its completion. You can withdraw your application at any time."

What Gets Deleted?

Complete Deletion

When deleting an applicant, the following is removed:

  • Name and contact details
  • Email address and phone number
  • All uploaded documents
  • Communication history
  • Reviews and notes
  • Appointment history

Anonymized Statistics

The following data remains anonymized:

  • Number of applications (without names)
  • Average processing time
  • Success rates

This data cannot be attributed to any person.

Deletion Log

Documentation

Every deletion is documented:

  • Time of deletion
  • Reason (automatic, manual, request)
  • Executing user
  • Affected data types

View Log

Under Settings > Data Protection > Deletion Log:

  • All performed deletions
  • Filter by period and type
  • Export as PDF

Retention Obligations

Some data must be retained:

  • Tax-relevant documents: 10 years
  • Contract documents: 6 years after contract end

Marking

Sophie marks data with retention obligations:

  • Cannot be deleted prematurely
  • Automatic deletion after expiration

Secure Deletion

Encrypted Destruction

Deleted data is:

  • Overwritten (not just marked)
  • Removed from all backups (after 30 days)
  • Logged

Irreversible

Deleted data cannot be recovered.

Best Practices

  • Regularly review deletion logs
  • Respond promptly to deletion requests
  • Configure sensible automatic periods
  • Document deletions for proof obligations