Shopping Cart
Your Cart is Empty
There was an error with PayPalClick here to try again
CelebrateThank you for your business!You should be receiving an order confirmation from Paypal shortly.Exit Shopping Cart

B​en Recruitment 

General Data Protection Regulation (GDPR)

What is GDPR?

The General Data Protection Regulation (GDPR) is the toughest privacy and security law in the world. 

Though it was drafted and passed by the European Union (EU), it imposes obligations onto organizations anywhere, so long as they target or collect data related to people in the EU. 

The regulation was put into effect on May 25, 2018. 

The GDPR will levy harsh fines against those who violate its privacy and security standards, with penalties reaching into the tens of millions of euros. is provided to you as helpful resource to quickly find all 99 Articles and 173 Recitals of the Regulation, as well as helpful guides and checklists that walk you through how the Regulation may apply to you. 

Here you can find the official PDF of the Regulation (EU) 2016/679 (General Data Protection Regulation) in the current version.

Data Controller

Ben Recruitment takes precautions for the security and privacy of Your personal data. 

This Privacy policy’s purpose is to explain how and why we collect Your personal data, and what we use it for.

In the context of General Data Protection Regulation, the Data Controller is:

Ben Recruitment Ltd

For all inquiries and complaints regarding the security and privacy of your data please contact Ben Recruitment:


[email protected]

The data we collect

The personal data we may collect from you includes:

  • contact details such as name, title, addresses, telephone numbers, and personal email addresses
  • copies of driving licence, passport, birth certificates and proof of current address, such as bank statements and council tax bills
  • evidence of how you meet the requirements of the job, including CVs and references
  • evidence of how you meet the employer job opportunities rules and confirmation of your security clearance – this can include nationality details and information about convictions, allegations and offences as part of Disclosure and Barring Service checks
  • evidence of your right to work in the UK and immigration status
  • diversity and equal opportunities monitoring information – this can include information about your race or ethnicity, religious beliefs, sexual orientation, disability and other ‘special category data’
  • information about your health, including any medical needs or conditions
  • other information required for some applications
  • if you contact us regarding your application, a record of that correspondence
  • details of your use of our recruitment tools and services, such as your candidate profile and alerts for vacancies
  • the status of your application and updates on how it moves forward

Our legal basis for using your data

We process personal data throughout the application on different legal bases.


  • Processing your data is necessary to move your application forward before signing a contract of work. 
  • This concerns employment or pre-employment checks.

Legal obligation 

  • The law requires BR to check that candidates are entitled to work in the UK.

Public task 

  • When we carry out National Security vetting for some roles, we have to process personal data to perform a task that is in the public interest or in the exercise of our official authority.
Processing criminal convictions and sensitive information 
  • We collect, use and hold sensitive information such as criminal convictions on the lawful bases of contract, legal obligation and public task.

Why we need your data

We need your data in order to:

  • move your application forward
  • check that you are the right candidate for the role
  • get in contact with you
  • send you notifications for vacancy roles or job alerts

How your personal information is collected

We usually collect your personal information when you enter it in Ben Recruitment. 

We might also collect information from third parties.

These include:

  • former employers and people named by candidates as references
  • credit reference agencies
  • the Disclosure and Barring Service (DBS)
  • other background check agencies
  • other government departments and institutions 

Applications automatically declined

During the application process you will be asked eligibility questions. 

You would not have to disclose sensitive information, and everyone still has an equal opportunity to apply. 

The system will automatically decline your application if you do not have to meet the eligibility criteria.

Reserve lists

We maintain a reserve list of candidates who met our requirements, but were not successful in securing the specific post they applied for. 

We will ask for your consent to be added to this list. 

We will refer to the list when other roles are advertised and will contact you, if you match the role. 

We will ask for your consent before putting you forward for the role.

Data sharing

Personal information you provide in the recruitment process will be made available to BR and our processors. 

If you are successfully recruited, we will upload your details to our HR system. 

As a member of staff you will sign a contract of employment and agree to additional terms on how your data is handled and stored.

We will also share your data for statistical analysis (it will be anonymised first) if we are required to do so by law – for example, by court order, or to prevent fraud or other crime.

Where BR is managing the recruitment on behalf of likely third parties organisations, we will share your information with that third party, who will undoubtedly have their own data controller.

We will always keep those whose data is being shared aware of the proceedings for transaparenty if there is a data requirement to share your information with reason.

Data security

We have put in place measures to protect the security of your information.

Third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. 

In addition, we only give access to your personal information to those employees, agents, contractors and other third parties who need to work on your recruitment process.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data retention

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for - including legal, accounting, or reporting requirements.

This will depend on:

  • the amount, nature, and sensitivity of the personal data
  • the potential risk of harm from unauthorised use or disclosure of your personal data
  • the purposes for which we process it
  • whether we can achieve those purposes in other ways

For documents supporting recruitment, application and sifting the retention period is 3 years.

If you are unsuccessful, personally identifiable data is removed 12 months after your most recent application.

Your rights

You have the right to:

  • request access to your personal information (known as a ‘data subject access request’) - you will receive a copy of the personal information we hold about you, so you can check that we are lawfully processing it. It also allows you to request an electronic copy of any data you have provided in a structured, commonly used and machine-readable format
  • request that we correct incomplete or inaccurate personal information that we hold about you
  • request we delete or remove your personal information - you can do this when there is no good reason for us to keep it - you can ask us to delete or remove your personal information where you have exercised your right to object to processing (see below)
  • withdraw your consent for any data processed under the lawful basis of consent (see below)
  • object to the processing of your personal information where we are relying on the legal basis that we are carrying out our public task (see legal bases above)
  • request we restrict the processing of your personal information - you can ask us to stop processing your personal information, for example if you want us to establish its accuracy or the reason for processing it

To make any of these requests or to ask us to transfer a copy of your personal information to another party, contact Ben Recruitment on e-mail: [email protected]

Accessing your data

You will not have to pay a fee to access your personal information or to exercise any of the other rights. 

However, if your request for access is clearly unfounded or excessive we may:

  • charge a reasonable fee
  • refuse the request

In some cases we will need some information to confirm your identity. 

This is to ensure that your personal information is not disclosed to someone who has no right to access it.

Questions and complaints​

The data controller for your personal data is the Ben Recruitment.

If you have any questions about this privacy notice contact Ben Recruitment on e-mail: [email protected]

Ben Recruitment provides advice and monitors BR's use of personal information. 

If you have any concerns about how your personal data has been handled, please contact the BR:

Ben Recruitment Ltd

20-22 Wenlock Road

City of London


N1 7GU


[email protected]

If you have a complaint, you can also contact the Information Commissioner’s Office, who is an independent regulator set up to uphold information rights.

Information Commissioner's Office


i[email protected]

Contact form:


0303 123 1113


01625 545 860

Privacy Update

Ben Recruitment will update GDPR content, once we have received appropriate data update changes, through our continuity engagement with the ICO.

We will inevitably let you know, if any changes to this privacy notice will apply to you and your data immediately. 

If these changes affect how your personal data is processed, we will take reasonable steps to let you know.