Ryan Lamb Recruitment - GDPR Compliance Policy

Introduction – GDPR Compliance Policy

Ryan Lamb Recruitment is committed to protecting and respecting your privacy. This policy outlines how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR). The GDPR ensures that all individuals within the European Union have greater control over their personal data and how it is processed.

What Data We Collect

As a recruitment agency, we may collect and process various types of personal data, including but not limited to:

  • Contact Information: Name, address, telephone number, and email address.
  • Career Information: Employment history, qualifications, skills, references, and job preferences.
  • Identification Information: Date of birth, gender, nationality, and right to work details.
  • Financial Information: Bank details for payroll purposes (where applicable).
  • Communication Records: Any correspondence or communication between you and Ryan Lamb Recruitment.

We collect this data to assist you in finding the right job opportunities and to provide our recruitment services effectively.

Why We Collect Your Data

We collect and process your personal data for the following purposes:

  • To match you with appropriate job opportunities based on your skills and preferences.
  • To communicate with you regarding job applications, interviews, offers, and employment.
  • To comply with legal obligations related to right-to-work checks, equal opportunity monitoring, and other regulatory requirements.
  • To process payroll and payments for temporary or contracted roles.
  • To improve our services and enhance your user experience.

How We Collect Your Data

We collect data directly from you when you:

  • Register with us as a candidate.
  • Apply for job opportunities through our website or partner sites.
  • Communicate with us via email, phone, or other channels.
  • Attend interviews or provide us with references.

We may also collect data indirectly through publicly available sources such as LinkedIn or other professional networking sites.

Lawful Basis for Processing

Under GDPR, we must have a lawful basis for processing your data. The main lawful bases for our data processing include:

  • Consent: We obtain your explicit consent to collect and process your data.
  • Contractual Necessity: We process your data to fulfil our contractual obligations to you as a candidate or client.
  • Legal Obligation: We are required to process certain data to comply with employment and regulatory laws.
  • Legitimate Interests: We may process your data for legitimate business interests, such as improving our services, unless these are overridden by your individual rights.

Your Rights

Under GDPR, you have the following rights concerning your personal data:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request corrections to any inaccurate or incomplete data.
  • Right to Erasure (“Right to be Forgotten”): You can request that we delete your personal data under certain circumstances.
  • Right to Restriction of Processing: You can request that we limit the processing of your personal data.
  • Right to Data Portability: You can request a copy of your personal data in a machine-readable format to transfer to another service provider.
  • Right to Object: You can object to the processing of your personal data, particularly for direct marketing purposes.
  • Right to Withdraw Consent: If you have provided consent for the processing of your data, you can withdraw it at any time.

To exercise any of these rights, please contact us at [email protected].

Data Retention

We will retain your personal data only for as long as necessary to fulfil the purposes for which we collected it, including the need to satisfy legal, accounting, or reporting requirements.

The retention periods for candidate data are generally as follows:

  • Active Candidates: Data will be retained for the duration of your relationship with Ryan Lamb Recruitment.
  • Inactive Candidates: Data will be retained for a period of two years from the date of your last interaction with us, unless you request its deletion.

Data Security

We are committed to ensuring that your personal data is secure. We have implemented appropriate technical and organisational measures to protect your personal data from loss, misuse, unauthorised access, alteration, or disclosure. This includes secure databases, encrypted communications, and restricted access to personal data.

Data Sharing

We do not sell your data to third parties. However, we may share your personal data with:

  • Potential employers as part of the recruitment process.
  • Service providers, such as payroll processors, who assist us in providing recruitment services.
  • Legal or regulatory authorities when required to comply with legal obligations.

We ensure that any third-party service providers are GDPR-compliant and have agreed to protect your data.

International Data Transfers

In certain circumstances, your data may be transferred outside the European Economic Area (EEA). If this happens, we ensure that adequate protection measures are in place, such as Standard Contractual Clauses, to safeguard your personal data.

Changes to this Policy

We may update this GDPR Compliance Policy periodically to reflect changes in legislation or our data practices. We will notify you of any material changes and update the “Last Updated” date at the top of this document.

Contact Us

If you have any questions or concerns about this GDPR Compliance Policy or your personal data, please contact us at:

Ryan Lamb Recruitment
272 Bath Street,
Glasgow, G2 4JR
Phone: 0141 478 0508
Email: [email protected]

Scroll to Top