Implementing General Data Protection Regulation for a Recruiting Firm

Systems Integrators

10Clauses Assessed

Achieved GDPR Compliance

Talent Delivered

  • Assessed clauses to comply with BS 10012:2017 control
  • Advised client to build a robust process for on-going compliance
  • Ensured integrations were also GDPR compliant
Industry Systems Integrators
Services Consulting

Indotronix partnered with a national recruiting firm to implement General Data Protection Regulation (GDPR) standards.


This recruiting company came to Indotronix looking to implement General Data Protection Regulation standards. In order to remain compliant with those standards, HR management/recruiting software platforms that handle a candidate’s data must be governed by a data protection agreement that’s set up by a data controller. This is what Indotronix was asked to provide.


The challenges fell around regulation and ensuring that the implemented measures were able to safeguard personal data. This included:

  • Prioritizing data security
  • Testing, evaluating, and maintaining data security
  • Encrypting of candidate data
  • Restoration of candidates’ data in case of an incident
  • Demonstrating commitment to support the Data Controller in their compliance journey
  • Ensuring external integrated applications were also GDPR compliant

Services Provided

We provided consultation on building controls for ongoing compliance, which included:

  • A review of current data security & privacy processes
  • Data privacy impact assessment
  • Data privacy risk treatment
  • Data inventory
  • Logical &  physical security controls
  • Documenting requirements, policies, & procedures