Data Protection and GDPR Policy
Recruitment Direct UK Limited
Herkimer House
Mill Road Industrial Estate
Linlithgow
EH49 7SF
Scotland
United Kingdom
1. Statement
Recruitment Direct UK Limited (“RDUK”, “we”, “our” or “us”) is committed to protecting personal data and ensuring compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and all applicable data protection legislation.
We recognise the importance of protecting the privacy, confidentiality, integrity and security of personal information entrusted to us by applicants, workers, clients, suppliers and website users.
2. Purpose
The purpose of this policy is to:
- Protect personal information.
- Ensure compliance with data protection legislation.
- Promote responsible handling of personal data.
- Establish clear responsibilities regarding data protection.
- Reduce the risk of data breaches and unauthorised disclosure.
- Support the lawful use of AI-assisted technologies within recruitment and compliance operations.
3. Scope
This policy applies to:
- Employees
- Workers
- Applicants
- Clients
- Contractors
- Suppliers
- Business partners
The policy applies to all personal data processed by Recruitment Direct UK Limited in electronic, digital and paper formats.
4. Data Protection Principles
Recruitment Direct UK Limited will ensure that personal data is:
- Processed lawfully, fairly and transparently.
- Collected for specified and legitimate purposes.
- Adequate, relevant and limited to what is necessary.
- Accurate and kept up to date.
- Retained only for as long as necessary.
- Protected through appropriate security measures.
- Processed in accordance with individuals' rights.
5. Types of Personal Data
RDUK may process:
- Names and contact details.
- CVs and employment history.
- Qualifications and training records.
- Identification documents.
- Right to work documentation.
- Payroll and banking information.
- References.
- Communications and correspondence.
- Website usage information.
- Compliance documentation.
- Information collected through AI-assisted recruitment and communication systems.
6. AI-Assisted Compliance and Operations
Recruitment Direct UK Limited may use artificial intelligence (“AI”), machine learning and automated technologies to support recruitment, communication, compliance, administration and data management activities.
These technologies may assist with:
- Applicant screening and assessment.
- Skills and vacancy matching.
- Automating communications via telephone, email, SMS and messaging platforms.
- Document verification and compliance checks.
- GDPR compliance monitoring.
- Identifying incomplete, inaccurate or duplicate records.
- Updating and maintaining recruitment database records.
- Monitoring document expiry dates and retention periods.
- Supporting compliance audits and reporting.
- Recruitment workflow automation.
- Improving operational efficiency and service delivery.
RDUK may utilise AI-assisted GDPR compliance technologies to improve the accuracy, quality and maintenance of recruitment database records.
AI technologies are used to support business operations and regulatory compliance and do not replace human responsibility, accountability or legal obligations.
All AI-assisted activities remain subject to appropriate human oversight, review and compliance controls. Final recruitment, compliance and business decisions remain subject to human review where appropriate.
7. Data Security
Recruitment Direct UK Limited will implement appropriate technical and organisational measures to protect personal data from:
- Unauthorised access.
- Unauthorised disclosure.
- Accidental loss.
- Alteration or destruction.
- Misuse or unlawful processing.
Security measures may include:
- Access controls.
- Secure authentication procedures.
- Encryption technologies.
- Secure cloud-based systems.
- Staff awareness and training.
- System monitoring and auditing.
- Regular review of security controls.
8. Data Sharing
Personal data may be shared where necessary with:
- Clients and prospective employers.
- Payroll providers.
- Umbrella companies.
- Professional advisers.
- Technology and software providers.
- Compliance providers.
- Government bodies and regulators where legally required.
All sharing of personal data will be carried out in accordance with applicable legislation and appropriate safeguards.
9. Data Retention
Personal data will be retained only for as long as necessary to fulfil recruitment, employment, legal, regulatory and business requirements.
RDUK may utilise automated and AI-assisted systems to support the monitoring of retention periods and identify records due for review or deletion.
Data will be securely deleted, destroyed or anonymised when no longer required.
10. Individual Rights
Individuals may have the right to:
- Access their personal data.
- Correct inaccurate information.
- Request deletion of information.
- Restrict processing.
- Object to processing.
- Request data portability.
- Withdraw consent where applicable.
Requests should be submitted to:
11. Data Breaches
Any actual or suspected data breach must be reported immediately.
Recruitment Direct UK Limited will investigate incidents promptly and take appropriate corrective action.
Where required by law, breaches will be reported to the Information Commissioner's Office (ICO) and affected individuals.
12. Training and Awareness
Recruitment Direct UK Limited will promote awareness of data protection obligations and encourage responsible handling of personal information.
Employees and workers are expected to comply with data protection requirements and report concerns relating to privacy, security or compliance.
13. Compliance
Failure to comply with this policy may result in disciplinary action, termination of engagement, contractual action or referral to regulatory authorities where appropriate.
14. Review
This policy will be reviewed annually or sooner if required by legislative, regulatory, technological or business changes.
Director Approval
I confirm that this Data Protection and GDPR Policy has been reviewed and approved on behalf of Recruitment Direct UK Limited.
__________________________________________


