hero header image We value data protection | GDPR statement | Elemed


Elemed and GDPR - External Communication (Website)

Elemed understands that data protection is important to its candidates, contractors and clients — Elena Kyriacou

What is the GDPR?

Back in 2016, the European Commission approved and adopted a new European regulation which updated the existing Data Protection framework. This Regulation is called the General Data Protection Regulation (often referred to as the GDPR for short). The GDPR became effective in all Member States on 25th May 2018 and applies to all companies which process personal data belonging to individuals in the European Union. The intention is to harmonise data protection law across the European Union and also to ensure that when parties outside of the European Union process personal data relating to EU citizens respect all of the relevant rights and obligations.

What about Elemed?

Elemed is incorporated in the United Kingdom, and so has already been subject to the Data Protection Act. Even in light of Brexit, the GDPR still applies to businesses based in the United Kingdom, and as a staffing and recruitment company providing services across the UK, the EU and even further afield, we understand that we need to provide our candidates, contractors and clients with services that meet the GDPR requirements.

Elemed and its management team welcomes the GDPR and recognises that compliance with the new framework is a strong opportunity to promote our business and ensure compliance and above all, allow us to provide high-quality recruitment services.

Elemed’s management team are therefore happy to confirm that we have implemented all the steps to become GDPR compliant.

What is Personal Data?

The GDPR says that personal data is any information relating to an identified or identifiable individual.

What is Processing under the GDPR?

Processing includes any operation performed on personal data by hand or via an IT system. An operation can include collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or by making such personal data available, aligning it, or combining it, restricting it, erasing it or destroying it.

Who does the GDPR apply to?

Since the GDPR applies to virtually all organisations that process the “personal data” of EU residents as a result of services offered to them, regardless as to whether or not the organisation is based within the EU, the obligations apply to Elemed and also to our clients. As Elemed is a recruitment company and deals with personal data relating to its candidates on a daily basis when it is carrying out recruitment activities for its clients, we support the importance of the GDPR for all parties concerned.

Private & Confidential Lawyer – Client Work Product prepared on 15th March 2018

Elemed’s Commitment to GDPR Compliance

We understand the importance of privacy for our candidates and contractors as individuals and strive to respect our candidates’ and contractors’ fundamental freedoms and privacy rights. Similarly, we understand that our clients rely on us to be compliant with data protection obligations so that they are also able to conduct their business securely.

This is why we promise never to send any CV or personal data belonging to a candidate to any third party, including our clients without having checked the accuracy and completeness of the personal data provided and without also first having obtained the candidate’s clear and express consent to transmit this information.

Elemed’s Steps towards GDPR Compliance

We are happy to confirm that Elemed has actively invested in GDPR and is GDPR compliant since May 2018.

As part of Elemed’s compliance program, we have analysed our business, our policies and our staff training in order to become GDPR ready.

We are therefore pleased to share with you some of the steps that we have taken which include:

  • The engagement of an external lawyer devoted to privacy, data protection and the GDPR;
  • Conducting an full business review of all personal data processing activities within Elemed to ensure alignment with GDPR requirements;
  • Ensuring that any technical or organisational measures required under GDPR are in place, including IT security requirements;
  • Updating Knowit’s existing frameworks to meet GDPR contractual requirements, including preparing updated Data Processing Agreements;
  • Preparing for the appointment and registration of Elemed’s own Data Protection Officer
If you would like any further information about Elemed’s commitment to the GDPR and privacy rights, please do not hesitate to get in touch with your usual contact person who will be happy to advise you.

Elemed, May 2018


Say goodbye to wasting time and money on digitising your regulatory activities.


Arrange a callback

WE'RE Here To Assist You

Let’s get to know each other

Have a free, personalised, career consultation with one of our experts. Learn about under-the-radar opportunities, salary insights and develop your career plan.