Since its original announcement in 2016 and implementation in 2018, the General Data Protection Regulation (GDPR) was the most important change in data protection regulation in over 20 years.

Whether you are a family run business operating a cafe in a single location, or a nationwide team for a well known brand, GDPR applies to every business.

Why is GDPR important in recruitment?

The aim of GDPR is to protect the privacy of UK (and EU) citizens from data breaches by putting in place a strict governance on the processing and storage of personal data.

There are a number of key key points which must be considered whenever handling data, not limited to but including:


Consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it. This applies to people applying, creating jobseeker accounts, and receiving communication.

Right to Access

Data subjects have the right to ask and get information from the controller about whether or not personal data concerning them is being processed, where and for what purpose. Even further, the controller shall provide a copy of the personal data, free of charge, in an electronic format. This change is a dramatic shift towards data transparency and empowerment of data subjects.

Right to be Forgotten

Data subjects are entitled to ask the controller to remove their data and stop processing records. The data controller may have other obligations to keep data for a certain period of time however.

Will GDPR apply after Brexit?

To get straight to the point – Yes. Despite the UK officially leaving the European Union (EU) in 2020, the UK adopted GDPR when it comes to data protection, meaning anyone dealing with data in the UK and EU must still follow the regulation. 

When it comes to the Data Protection Act 2018, this regulation was updated to replace the 1998 regulation, and sits alongside GDPR.

How can an ATS help with GDPR?

With our ATS, everything we do is with data protection in mind. 

From the way we help you process candidates, store candidate records, and pass them onto your favourite payroll or HRIS software – and everything in between – we do everything we can to ensure a high standard of data protection and security.

We believe that GDPR shouldn’t make you worry, so as your talent acquisition partner, we take care of factors such as…

Secure data storage

With heavy fines in place for any breaches of GDPR, it is crucial to have secure data storage at the forefront for your recruitment. With an ATS, you can rest easy knowing that candidate data is stored in a secure database, helping you reduce the risk of data getting into the wrong hands.

Whether it be individual accounts or magic links, here at Talent Funnel, we help to make sure that your recruitment team doesn’t have to rely on passing around passwords too.

How can third-party integrations upgrade this?

Integrations with third-party platforms allow for safe and highly-secure data transfer from to-and-from the ATS, removing the need for any sensitive candidate data to be stored anywhere where it doesn’t need to be.

Automatic time-based data deletion

As set out in your privacy policy, we can help ensure that candidate records are deleted after a set amount of time, helping you to prevent a build up of unused candidates in your accounts and database.

Right to be Forgotten

An ATS makes deleting candidate records straightforward. Whether it’s a rejected candidate, or one currently in the pipeline, if a candidate requests to be removed from the recruitment process and your database, quickly and easily delete their candidate record from the ATS.