Email systems are often the biggest data retention risk. Here’s what compliance and IT need to fix. Email is often overlooked in data retention strategies — yet it’s where the most unstructured personal data lives. Archived emails may contain salary details, medical information, and candidate records — often held for years without review. UK GDPR…
Unsure how long to keep HR records under UK GDPR? Here’s a breakdown for hiring managers and compliance teams. HR records often sit in systems long after employees leave — exposing firms to unnecessary GDPR risk. UK GDPR requires that personal data be retained only as long as necessary for the purpose it was collected….
Storing CVs for years after rejection? It might be a data protection breach. Here’s what you need to know. It’s common for recruitment teams to keep CVs “just in case” — but under UK GDPR, this can be unlawful. The problem: If a candidate wasn’t hired, their data must only be retained if you have…
Professional services firms often retain employee data longer than necessary. Here’s what UK GDPR requires and how to mitigate risk. Employee data is a compliance blind spot for many professional services firms. From CVs and appraisal notes to disciplinary records, HR systems often store personal data far beyond its useful life — and well beyond…