GDPR tools for recruitment data that needs careful handling.
Recruit So Simple is built to help recruitment teams handle personal data responsibly. This page explains the GDPR principles, the tools available in the system, and how we process customer data as part of providing the service.
The core GDPR principles.
GDPR sets out clear principles for organisations that collect, store or process personal data. In summary, personal data should be:
Lawful & transparent
Processed lawfully, fairly and in a way people can understand.
Purpose limited
Collected for specified, explicit and legitimate purposes.
Data minimised
Adequate, relevant and limited to what is necessary.
Accurate
Accurate and kept up to date where needed.
Storage limited
Kept only for as long as necessary.
Secure
Protected with appropriate security and access controls.
Tools that keep consent, access and audit history visible.
Recruit So Simple includes practical features to help customers manage consent, protect records, audit activity and respond to data requests.
Information Request Tool
Send structured requests to candidates and collect information in a consistent way, including consent-related confirmations where appropriate.
Read-Only Notes
Prevent notes from being edited or deleted after they are created, helping preserve important records such as consent notes and internal audit history.
Sent Document History
Track documents sent from the system, including when they were sent and who received them, so relevant information is easier to locate for subject access requests.
Data Exports
Export data from within the system in CSV format, helping authorised users respond to portability, reporting and information requests.
Erasure support
When records are deleted, associated data such as documents, notes and emails is also removed. The action is recorded in the system log to support audit trails.
System log
A detailed activity log helps authorised users review key actions within the database for audit, security and accountability purposes.
How customer data is handled.
Recruit So Simple acts as a data processor for customer data held in the service. Our customer agreements set out the basis on which we process that data to provide, secure and support the system.
Infrastructure & certifications
Customer data security is a core part of how we operate. Our infrastructure is hosted by Amazon Web Services (AWS), which maintains internationally recognised certifications and accreditations including ISO 27017 for cloud security, ISO 27018 for cloud privacy, SOC 1, SOC 2, SOC 3 and PCI DSS Level 1.
Backups & resilience
Customer data is backed up at regular intervals and stored in two alternative EU locations in line with AWS guidance. We also carry out regular security and performance testing to support the reliability of the service.
Account security & permissions
Customer databases can be protected with additional security controls including two-step authentication, access control lists and the built-in permissions system. Authorised users can export customer data from within the system, and the system log provides an activity record for auditing and security review.
Support & authentication
Recruit So Simple includes a support ticket system within each customer database. Account enquiries must be raised by an authorised user, which helps us confirm the request and protect customer accounts and data before discussing account-specific information.
Breach reporting & third parties
In the unlikely event of a reportable data breach, we have procedures in place to notify affected customers and, where required, the ICO within 72 hours of discovery. We do not share customer data with third parties without appropriate authorisation.
Agencies mention the same things
4.9 Average 33 Reviews
Easy adoption, responsive support and better value than over-complicated recruitment systems.
M Greening
What a fantastic start to the New Year guys - I love the updates to the system. I’m already making use of the new filtering and reporting options. Thanks for all the great support I received last week as well...
A Wilkes
I’m a long time user of RSS - over three years now - and I can’t recommend them highly enough. On the occasions that I’ve contacted their technical support, the response times are extremely fast. This is of great...
Need more detail about data protection?
Contact us if you need clarification, supporting documentation or more information about how Recruit So Simple handles customer data.