Cyber Security & IT Policy
Recruitment Direct UK Limited
Herkimer House
Mill Road Industrial Estate
Linlithgow
EH49 7SF
Scotland
United Kingdom
1. Statement
Recruitment Direct UK Limited (“RDUK”, “we”, “our” or “us”) is committed to maintaining secure, reliable and resilient IT systems and protecting company, applicant, worker and client information from cyber security threats.
The company recognises that effective cyber security and IT management are essential to business continuity, operational performance, regulatory compliance and the protection of confidential information.
2. Purpose
The purpose of this policy is to:
- Protect company systems, devices and information.
- Reduce cyber security risks.
- Support compliance with UK GDPR and data protection legislation.
- Promote secure use of technology.
- Protect confidential and personal information.
- Maintain business continuity and operational resilience.
3. Scope
This policy applies to:
- Employees
- Workers
- Directors
- Contractors
- Consultants
- Suppliers with authorised access to company systems
The policy applies to all company devices, cloud systems, recruitment software, databases, communication platforms, email systems and information assets used by Recruitment Direct UK Limited.
4. Technology Environment
Recruitment Direct UK Limited operates primarily through secure cloud-based systems. Business information, recruitment records, compliance records and operational data are stored within secure cloud environments.
The company supports remote and hybrid working arrangements and utilises digital technologies to deliver recruitment and business services efficiently and securely.
5. Existing Security Measures
Recruitment Direct UK Limited maintains a range of security controls including:
- Cyber Essentials certification.
- Cloud-based data storage.
- Daily automated backups.
- Password and authentication controls.
- User access controls and permissions.
- Secure remote and hybrid working arrangements.
- Software updates and security patching.
- Device security controls.
- Use of reputable technology providers.
- Ongoing monitoring of cyber security risks.
These measures are designed to protect the confidentiality, integrity and availability of company information.
6. AI-Assisted Technology
Recruitment Direct UK Limited may utilise artificial intelligence (“AI”), machine learning and automated technologies to support recruitment, compliance, administration and information management activities.
These technologies may assist with:
- Recruitment workflows.
- Applicant screening processes.
- Compliance monitoring.
- GDPR compliance activities.
- Database maintenance and record management.
- Identification of incomplete, inaccurate or duplicate records.
- Reporting and operational efficiency.
All AI-assisted activities remain subject to appropriate human oversight and review.
7. User Responsibilities
All users of company systems are responsible for:
- Protecting passwords and login credentials.
- Maintaining the security of company devices.
- Using company systems responsibly.
- Protecting confidential information.
- Reporting suspicious activity immediately.
- Following company IT and cyber security procedures.
Users must not:
- Share passwords.
- Install unauthorised software.
- Circumvent security controls.
- Use company systems for unlawful purposes.
8. Remote Working
Individuals working remotely are expected to:
- Use secure internet connections.
- Protect company devices and information.
- Prevent unauthorised access to systems.
- Follow company security requirements.
- Report security concerns promptly.
9. Incident Reporting
Any actual or suspected cyber security or IT incident must be reported immediately.
Examples include:
- Phishing attacks.
- Malware infections.
- Data breaches.
- Unauthorised access attempts.
- Lost or stolen devices.
- Suspicious account activity.
- System failures affecting business operations.
All incidents will be investigated and managed appropriately.
10. Business Continuity and Recovery
Recruitment Direct UK Limited stores business and recruitment data within secure cloud-based systems.
Daily automated backups are maintained to support:
- Data protection.
- Disaster recovery.
- Business continuity.
- Operational resilience.
The company will take reasonable steps to restore access to systems and information in the event of a cyber security incident, technical failure or operational disruption.
11. Review
This policy will be reviewed annually or sooner if required by legislative, regulatory, technological or business changes.
Director Approval
I confirm that this Cyber Security & IT Policy has been reviewed and approved on behalf of Recruitment Direct UK Limited.
__________________________________________


