Understanding GDPR



GDPR (General Date Protection Regulation)… One of the most talked about topics of 2018, yet so many people still seem totally perplexed by it – including myself! But, as Office Manager, this definitely falls under my remit.

Having carried out research over the past few months, and attending various seminars/webinars, I was pleased to establish that we already have many key security measures in place. Our databases are secured with passwords, our filing cabinets are kept locked at all time, and as a house rule, we do not hold onto data longer than we deem necessary. Our team are fully aware of their responsibility to clients and candidates in holding personal data. As the appointed DPO (Data Protection Officer), I regularly audit our systems to ensure we are fully compliant.

As recruitment consultancy, personal data is something we manage daily. The difference with Hasson Associates is that we are quite simply quality driven. We aren’t a stereotypical recruitment agency, blasting out CVs to meet targets. We know our candidates well and we carefully select candidates before we invite them to register. We communicate with our candidates, and we ensure their personal details remain secured through all stages of the recruitment process. One of our recognised work ethics is that we always ensure consent is obtained from our candidates, prior to sending their CV.


So, what is Hasson Associates plan in light of GDPR?

  • We will continue to enforce our security measures in house.
  • We will continue to obtain consent from our candidates before submitting their CV.
  • We will request clients to destroy CVs that are rejected.
  • We will continue to communicate with our database unless they request to be removed (of which we will action).
  • We will continue to audit our systems to remain compliant.


What should you do?

  • Understand what constitutes personal data (anything with your name, photo, email, bank details, social networking sites, medical information etc…)
  • Ask where your data is held.
  • Identify who has access to your data and how it is secured.
  • Ask what your data is being used for.
  • Don’t be afraid to ask for your data to be removed and destroyed, if you no longer wish to share it.


To learn more about GDPR’s key changes, and how it affects you, visit: https://www.eugdpr.org/key-changes.html