The GDPR changes the current legal bases which are used to justify collecting and processing personal data, and require additional transparency in informing individuals about when (and why) their data is collected, processed and transferred. Traditionally, Forward Assist Recruitment has relied on an individual’s consent to justify the processing of their data. However, under the GDPR, there are stricter requirements for consent – it must be clearly distinguishable from other matters, in an intelligible and easily accessible form and must be capable of being withdrawn. Separate consent must be sought for separate processing activities (such as, for example, when a candidate has put his or her details forward for one vacancy and these are then used for an unrelated purpose).
Forward Assist Recruitment will only submit your details once the name of the client has been divulged, you have been briefed on their activities and the role available – and your acceptance to relay your details on agreed. We will retain your data securely for a maximum period of 5 years.
At any time, you are able request the removal of any data held on your behalf, and this can be done via email to datacontroller@ forwardassistrecruitment.com. Confirmation will be sent to you to confirm any requests and will be actioned within 5 working days. The complete Forward Assist Recruitment Ltd privacy document can be found on the website forwardassistrecruitment.co.uk. There will be no negative or detrimental impact on you – the data subject – if a request for the removal of your data is requested at any time – and in doing so, you will no longer receive communication from Forward Assist Recruitment. You will of course be invited to re-apply for other positions via the job boards that we utilise and your application treated as any other would be – with previous removal having no impact whatsoever on any business conducted in the future.
A legal basis is our justification for why we are processing personal data in a particular way. The GDPR sets out legal bases in Article 6 of the regulation. During our data mapping process, we have identified that the legal basis that justifies how and why we collect, process and store your personal data in our organisation is under “legitimate interests pursued by the Controller”.
Forward Assist Recruitment act as a data processor (We collect and process an individual’s personal data on behalf of other companies). Under previous data protection legislation (prior to 25th May 2018), there were few direct obligations. However, under the GDPR, Forward Assist Recruitment has direct responsibility for our own compliance with the GDPR and all of our staff have been trained and undertaken examinations to ensure compliance both individually and as an organisation.
- pseudonymisation and encryption of personal data;
- the ability to ensure on-going confidentiality, integrity, availability and resilience of data processing systems;
- the ability to restore data in a timely manner in the event of an incident; and
- a process for regularly testing, assessing and evaluating the effectiveness of security measures.
- Data protection and security has always been important to us and we adhere to all current data protection laws. We use industry best practice security including site-wide encryption (HTTPS), browser verification and two factor authentication to protect against the unauthorised access of any data we hold.
Forward Assist Recruitment strives to provide our clients and candidates with a simple and effective recruitment service – identifying relevant candidates for the needs of employers via various subscription job board platforms where we both post jobs and search for CVs. This has earnt us the trust of thousands of candidates and direct employers from across the UK over many years. We will continue to make the necessary changes to our service offering to ensure we are compliant with the new legislation, and we will keep our clients informed.