GDPR Policy

Introduction

We take data protection and privacy very seriously and are committed to protecting the personal data of our clients, candidates, employees, and other stakeholders. This policy sets out the principles we follow to ensure that we process personal data in compliance with the General Data Protection Regulation (GDPR) and other relevant data protection laws.

Scope

This policy applies to all personal data we process as a recruitment agency, whether it is stored electronically or on paper.

Principles of data protection

We adhere to the following principles of data protection:

Lawfulness, fairness and transparency: We process personal data lawfully, fairly and in a transparent manner.

Purpose limitation: We collect personal data for specified, explicit and legitimate purposes only, and we do not process it in any way that is incompatible with those purposes.

Data minimisation: We only process personal data that is adequate, relevant and limited to what is necessary for the purposes for which it is processed.

Accuracy: We take reasonable steps to ensure that personal data is accurate and up to date.

Storage limitation: We do not store personal data for longer than is necessary for the purposes for which it is processed.

Integrity and confidentiality: We process personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.

Rights of data subjects

We respect the rights of data subjects under the GDPR, including the right to access, rectify, erase, restrict, object to, and port personal data. We also have processes in place to handle data subject requests in a timely and efficient manner.

Data breach notification

We have a data breach notification process in place to detect, report and investigate any personal data breaches. We will notify the relevant supervisory authority and affected individuals without undue delay where a data breach is likely to result in a risk to the rights and freedoms of individuals.

Training and awareness

We provide regular training to our employees on data protection and privacy issues to ensure they are aware of their responsibilities under this policy.

Monitoring and review

We regularly monitor and review our data protection policies and procedures to ensure they are effective and up to date with changes in legislation and best practices.