GDPR Explained

GDPR Explained

What does GDPR actually mean for you and your recruitment agency?

GDPR is about protecting individuals and their rights, specifically the right to control their own data. The biggest difference between GDPR and other privacy regulations is that GDPR specifically awards individuals a series of rights around the use of their personal information.


  1. The right to be informed

This is the right to transparency. It’s the responsibility of a recruitment agency to communicate what data you’re collecting, what you’re storing/processing, and how you intend to use it.

  1. The right to access

You must confirm to individuals that you’re processing their data and to provide access to that data.

  1. The right to rectification

You must rectify any personal data that’s inaccurate or incomplete. You have one month from the initial request to comply. If you’ve previously disclosed this data to others, you must notify them of the changes you’ve made.

  1. The right to erasure

This is the right to be forgotten. As part of GDPR, an individual has the right to request you delete any and all information you have on them.

  1. The right to restrict processing

This right requires you to halt the use of any personal data that an individual believes is inaccurate. You may continue to store the data while you resolve the issue.

  1. The right to restrict portability

This allows individuals to obtain and reuse their personal data. Should a candidate or other individual invoke this right, you must provide their personal data in a common readable form such as a CSV file.

  1. The right to object

Individuals can object if you use their data for direct marketing, such as email marketing. If a candidate or other individual objects, you must stop using their personal data to market to them.

Latest Jobs...