GDPR and customer data.
Recruit So Simple is built to help recruitment teams handle personal data responsibly. This page explains the GDPR principles, the tools available in the system, and how we process customer data as part of providing the service.
The core GDPR principles.
GDPR sets out clear principles for organisations that collect, store or process personal data. In summary, personal data should be:
Lawful & transparent
Processed lawfully, fairly and in a way people can understand.
Purpose limited
Collected for specified, explicit and legitimate purposes.
Data minimised
Adequate, relevant and limited to what is necessary.
Accurate
Accurate and kept up to date where needed.
Storage limited
Kept only for as long as necessary.
Secure
Protected with appropriate security and access controls.
Tools that support responsible data handling.
Recruit So Simple includes practical features to help customers manage consent, protect records, audit activity and respond to data requests.
Information Request Tool
Send structured requests to candidates and collect information in a consistent way, including consent-related confirmations where appropriate.
Read-Only Notes
Prevent notes from being edited or deleted after they are created, helping preserve important records such as consent notes and internal audit history.
Sent Document History
Track documents sent from the system, including when they were sent and who received them, so relevant information is easier to locate for subject access requests.
Data Exports
Export data from within the system in CSV format, helping authorised users respond to portability, reporting and information requests.
Erasure support
When records are deleted, associated data such as documents, notes and emails is also removed. The action is recorded in the system log to support audit trails.
System log
A detailed activity log helps authorised users review key actions within the database for audit, security and accountability purposes.
How customer data is handled.
Recruit So Simple acts as a data processor for customer data held in the service. Our customer agreements set out the basis on which we process that data to provide, secure and support the system.
Infrastructure & certifications
Customer data security is a core part of how we operate. Our infrastructure is hosted by Amazon Web Services (AWS), which maintains internationally recognised certifications and accreditations including ISO 27017 for cloud security, ISO 27018 for cloud privacy, SOC 1, SOC 2, SOC 3 and PCI DSS Level 1.
Backups & resilience
Customer data is backed up at regular intervals and stored in two alternative EU locations in line with AWS guidance. We also carry out regular security and performance testing to support the reliability of the service.
Account security & permissions
Customer databases can be protected with additional security controls including two-step authentication, access control lists and the built-in permissions system. Authorised users can export customer data from within the system, and the system log provides an activity record for auditing and security review.
Support & authentication
Recruit So Simple includes a support ticket system within each customer database. Account enquiries must be raised by an authorised user, which helps us confirm the request and protect customer accounts and data before discussing account-specific information.
Breach reporting & third parties
In the unlikely event of a reportable data breach, we have procedures in place to notify affected customers and, where required, the ICO within 72 hours of discovery. We do not share customer data with third parties without appropriate authorisation.
EXCELLENT
4.9 Average 33 Reviews
J Brownlie
Andrew was superb throughout the whole process. He understood that the issue would better be resolved over the phone and endeavoured to make it as easy as possible. Effortless and very efficient whilst giving...
L Thornhill
I've worked in recruitment since 2001, so have plenty of years' experience and plenty of recruitment systems experience. Despite having worked for a very large corporate, their system was nowhere near as good...
Need more detail about data protection?
Contact us if you need clarification, supporting documentation or more information about how Recruit So Simple handles customer data.