GDPR kicks in this week, and, by now, the whole nation will be well aware of what this entails, given the number of opt in emails we have all received. For the sectors we work with, GDPR has presented its own challenges. Both the legal and financial services industries handle large quantities of personal data, often with considerable legal obligations, which complicates things further. On our journeys we speak to a great number of firms and managers, and it has been fascinating to hear how they have been dealing with the demands from the new regulation. GDPR has undoubtedly taken up a great deal of management time.

Urban myths and the scaremongering surrounding consent have not helped the situation either, but both the misinformation and the flurry of consent emails should now be at an end. Long term, GDPR ought to lead to more transparent and ethical ways of handling personal data. As we mentioned in our previous blog post, we are looking forward to GDPR, and what it might do for the recruitment industry. Our feeling is that it might go some way towards improving practices and restore the somewhat mixed reputation the industry has. We’ve never sent out a candidates’ CV without permission, and to be fair most recruitment firms don’t, but it will be nice to have this formalised and the playing field levelled.

It is also clear that people are becoming more and more informed of their rights under GDPR, which is great, and they are often keen to exercise them. The mechanics surrounding data processing is perhaps a little less understood, however, and there is a danger of the term becoming a byword for bad practice. Data processing is a necessity for everything from employment and house-buying to regular charity donations and going on holiday. It is neither good or bad in its own right.

For the team at Fram, our practices were already GDPR compliant, though we have updated our privacy policy, and have spent some time looking at our processes and improving the information flow to our candidates. We are proud that our database has been largely unaffected by GDPR, which we think speaks to its integrity.

If you have any questions about our privacy policy or our processes, please contact our Data Protection Officer, Beate Oera, on [email protected].